urlscan.io logo urlscan.io
SecurityTrails logo

www.staradvertiser.com Open in urlscan Pro
34.68.132.100  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Submission: On January 05 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 292 IPs in 14 countries across 243 domains to perform 1750 HTTP transactions. The main IP is 34.68.132.100, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.staradvertiser.com. The Cisco Umbrella rank of the primary domain is 257585.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 28th 2023. Valid for: a year.
This is the only time www.staradvertiser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 34.68.132.100 396982 (GOOGLE-CL...)
4 2600:9000:208... 16509 (AMAZON-02)
53 141.193.213.11 209242 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:1418:a00... 20940 (AKAMAI-ASN1)
8 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:24f... 16509 (AMAZON-02)
1 2600:9000:26c... 16509 (AMAZON-02)
1 23.7.17.42 16625 (AKAMAI-AS)
4 2600:9000:208... 16509 (AMAZON-02)
2 2600:9000:200... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
4 52.206.34.84 14618 (AMAZON-AES)
5 2a04:4e42::282 54113 (FASTLY)
11 2607:f8b0:400... 15169 (GOOGLE)
26 2607:f8b0:400... 15169 (GOOGLE)
3 52.216.178.118 16509 (AMAZON-02)
1 6 3.162.125.78 16509 (AMAZON-02)
13 34.96.77.232 396982 (GOOGLE-CL...)
1 2606:2800:11f... 15133 (EDGECAST)
1 16.182.72.177 16509 (AMAZON-02)
9 2606:4700::68... 13335 (CLOUDFLAR...)
4 23.39.177.151 16625 (AKAMAI-AS)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2600:1418:a00... 20940 (AKAMAI-ASN1)
8 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:26c... 16509 (AMAZON-02)
64 151.101.193.44 54113 (FASTLY)
1 8 108.138.85.29 16509 (AMAZON-02)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
3 2600:1901:0:d... 15169 (GOOGLE)
1 2600:1901:0:3... 15169 (GOOGLE)
3 3.229.92.32 14618 (AMAZON-AES)
2 2600:9000:200... 16509 (AMAZON-02)
1 45.55.99.106 14061 (DIGITALOC...)
1 2600:9000:24f... 16509 (AMAZON-02)
7 44.210.27.167 14618 (AMAZON-AES)
1 2 107.178.250.234 396982 (GOOGLE-CL...)
2 2a02:b48:9000::1 39572 (ADVANCEDH...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2606:4700:e4:... 13335 (CLOUDFLAR...)
13 3.82.85.240 14618 (AMAZON-AES)
4 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 54.234.151.247 14618 (AMAZON-AES)
1 4 18.213.141.199 14618 (AMAZON-AES)
3 2607:f350:3:2... 27630 (AS-XFERNET)
2 2606:4700:440... 13335 (CLOUDFLAR...)
23 34.149.50.64 396982 (GOOGLE-CL...)
5 23 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:ae80:145... 25751 (VALUECLICK)
2 27 147.75.195.55 54825 (PACKET)
9 34.149.20.76 15169 (GOOGLE)
3 3.210.0.246 14618 (AMAZON-AES)
5 2620:100:a001... 19750 (AS-CRITEO)
8 10 185.167.164.39 198622 (ADFORM)
13 48 34.98.64.218 396982 (GOOGLE-CL...)
7 46 104.18.36.155 13335 (CLOUDFLAR...)
36 57 68.67.179.164 29990 (ASN-APPNEX)
3 2602:803:c002... 26667 (RUBICONPR...)
10 14 63.251.86.49 10913 (INTERNAP-BLK)
2 23.20.191.184 14618 (AMAZON-AES)
1 52.25.235.164 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
12 2607:f8b0:400... 15169 (GOOGLE)
1 18.160.18.59 16509 (AMAZON-02)
2 18.160.46.40 16509 (AMAZON-02)
1 34.234.4.96 14618 (AMAZON-AES)
12 2001:4860:480... 15169 (GOOGLE)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 108.128.207.160 16509 (AMAZON-02)
1 52.85.132.6 16509 (AMAZON-02)
1 138.197.60.79 14061 (DIGITALOC...)
1 2600:9000:24f... 16509 (AMAZON-02)
15 23.56.220.247 16625 (AKAMAI-AS)
2 23.20.158.212 14618 (AMAZON-AES)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.253.115.149 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
3 104.18.38.76 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
3 172.64.152.89 13335 (CLOUDFLAR...)
13 52.85.151.96 16509 (AMAZON-02)
6 13.249.42.27 16509 (AMAZON-02)
12 44.206.145.94 14618 (AMAZON-AES)
2 52.73.22.220 14618 (AMAZON-AES)
3 34.205.113.238 14618 (AMAZON-AES)
1 3 2620:100:a001::c 19750 (AS-CRITEO)
1 2001:4860:480... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 23.56.221.132 16625 (AKAMAI-AS)
5 213.239.211.175 24940 (HETZNER-AS)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 12 2606:4700:10:... 13335 (CLOUDFLAR...)
24 27 15.197.193.217 16509 (AMAZON-02)
23 33 8.28.7.83 62713 (AS-PUBMATIC)
53 120 8.43.72.97 26667 (RUBICONPR...)
12 19 34.111.113.62 396982 (GOOGLE-CL...)
25 50 172.253.63.155 15169 (GOOGLE)
16 18 54.164.14.168 ()
7 7 2607:f350:3:2... ()
3 6 54.172.142.205 ()
2 184.28.44.83 16625 (AKAMAI-AS)
1 2 142.251.163.154 ()
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
8 141.226.224.48 200478 (TABOOLA-AS)
7 20.114.189.135 8075 (MICROSOFT...)
1 13.32.151.81 16509 (AMAZON-02)
2 35.244.184.131 396982 (GOOGLE-CL...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
15 2a02:b48:9001::1 39572 (ADVANCEDH...)
9 2607:f8b0:400... 15169 (GOOGLE)
6 54.174.200.239 14618 (AMAZON-AES)
2 151.101.1.44 54113 (FASTLY)
14 141.226.124.48 200478 (TABOOLA-AS)
2 2 2400:52e0:1a0... ()
2 7 2a04:4e42:200... 54113 (FASTLY)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 13.249.39.55 16509 (AMAZON-02)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
2 34.120.155.137 396982 (GOOGLE-CL...)
1 34.206.99.162 14618 (AMAZON-AES)
1 7 35.244.193.51 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
14 2607:f8b0:400... 15169 (GOOGLE)
2 18.160.10.101 16509 (AMAZON-02)
14 2620:100:a001::4 19750 (AS-CRITEO)
20 20 184.87.56.223 ()
50 23.39.177.103 16625 (AKAMAI-AS)
11 16 141.95.98.65 16276 (OVH)
1 2 34.193.193.20 14618 (AMAZON-AES)
35 38 69.194.240.13 26120 (RHYTHMONE)
7 7 2620:112:f002... ()
26 44 67.202.105.23 32748 (STEADFAST)
3 8 67.202.105.34 32748 (STEADFAST)
15 3.227.185.122 14618 (AMAZON-AES)
1 104.16.80.121 13335 (CLOUDFLAR...)
7 13 34.235.75.11 14618 (AMAZON-AES)
2 151.101.129.108 54113 (FASTLY)
10 11 35.214.181.122 15169 (GOOGLE)
3 3 172.240.155.116 ()
5 23.7.29.146 16625 (AKAMAI-AS)
3 3 63.251.28.133 ()
57 60 35.211.178.172 19527 (GOOGLE-2)
13 24 8.28.7.82 62713 (AS-PUBMATIC)
5 6 216.22.16.36 30633 (LEASEWEB-...)
3 8 52.72.225.207 14618 (AMAZON-AES)
11 14 198.148.27.131 19189 (PULSEPOINT)
4 23.39.176.28 16625 (AKAMAI-AS)
5 2606:4700::68... 13335 (CLOUDFLAR...)
8 9 151.101.194.49 54113 (FASTLY)
10 14 2600:1f18:4e9... 14618 (AMAZON-AES)
2 47 52.46.151.131 16509 (AMAZON-02)
15 19 52.202.180.1 14618 (AMAZON-AES)
2 2 13.32.151.31 ()
7 7 199.38.167.130 ()
1 107.178.254.65 396982 (GOOGLE-CL...)
2 2 34.160.19.107 ()
4 4 192.132.33.67 ()
9 9 52.5.138.9 ()
5 52.214.64.222 16509 (AMAZON-02)
3 11 23.222.197.151 16625 (AKAMAI-AS)
82 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:e4:... 13335 (CLOUDFLAR...)
3 162.19.138.82 16276 (OVH)
1 12 51.222.239.232 16276 (OVH)
7 34.149.40.38 396982 (GOOGLE-CL...)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 54.161.113.161 14618 (AMAZON-AES)
7 69.194.240.11 26120 (RHYTHMONE)
3 69.173.151.96 26667 (RUBICONPR...)
3 13.249.39.73 16509 (AMAZON-02)
4 34.194.35.34 14618 (AMAZON-AES)
4 104.36.115.111 62713 (AS-PUBMATIC)
4 108.138.66.130 16509 (AMAZON-02)
5 5 35.207.24.140 ()
20 34.117.239.71 396982 (GOOGLE-CL...)
15 18 3.225.218.10 14618 (AMAZON-AES)
13 13 2606:ae80:147... ()
12 59 52.223.22.214 16509 (AMAZON-02)
13 15 54.146.92.239 ()
1 45 172.98.26.246 399668 (E-PLANNING-)
9 9 74.119.119.150 ()
2 2 52.0.156.250 ()
2 2a02:6ea0:e20... 60068 (CDN77 ^_^)
1 6 23.45.145.114 16625 (AKAMAI-AS)
3 13.249.39.110 16509 (AMAZON-02)
1 54.173.88.168 14618 (AMAZON-AES)
2 54.82.127.194 14618 (AMAZON-AES)
3 2600:1408:c40... 20940 (AKAMAI-ASN1)
5 15 138.201.8.249 24940 (HETZNER-AS)
1 27 3.13.55.213 16509 (AMAZON-02)
8 13 23.105.12.136 30633 (LEASEWEB-...)
15 15 70.42.32.159 ()
3 3 35.211.118.13 ()
1 54.243.186.52 14618 (AMAZON-AES)
5 6 37.157.6.232 ()
1 1 47.252.78.131 ()
7 7 185.184.8.90 ()
3 3 82.145.213.8 ()
5 2600:9000:244... 16509 (AMAZON-02)
1 8 8.28.7.81 62713 (AS-PUBMATIC)
3 3 184.25.146.64 ()
3 3 207.198.113.230 ()
2 8.2.110.17 46636 (NATCOWEB)
4 172.98.26.242 399668 (E-PLANNING-)
6 8 35.227.252.103 396982 (GOOGLE-CL...)
2 2 3.93.30.112 ()
3 3 35.173.160.65 ()
2 2 34.199.187.121 ()
4 4 35.211.233.246 ()
3 3 8.2.110.161 ()
2 2 47.253.61.56 ()
5 5 216.200.232.253 ()
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 3.162.103.27 16509 (AMAZON-02)
2 2 45.137.176.88 ()
2 2 23.108.102.14 ()
4 9 35.244.154.8 396982 (GOOGLE-CL...)
4 7 131.153.242.59 19437 (SS-ASH)
3 7 5.161.188.99 213230 (HETZNER-C...)
2 2 134.122.57.34 ()
1 104.36.115.123 62713 (AS-PUBMATIC)
1 5 8.28.7.84 62713 (AS-PUBMATIC)
1 141.226.224.32 200478 (TABOOLA-AS)
1 35.211.243.123 19527 (GOOGLE-2)
1 208.115.232.150 46475 (LIMESTONE...)
1 104.22.69.131 13335 (CLOUDFLAR...)
1 2607:4f00:932::2 55081 (24SHELLS)
1 8.2.111.111 46636 (NATCOWEB)
1 104.154.142.214 396982 (GOOGLE-CL...)
3 3 172.240.127.128 ()
1 1 8.39.36.142 ()
1 34.197.115.132 14618 (AMAZON-AES)
1 108.138.85.19 16509 (AMAZON-02)
2 2600:1f18:61c... 14618 (AMAZON-AES)
4 5 38.91.45.7 398989 (DEEPINTENT)
1 54.239.33.159 16509 (AMAZON-02)
2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 1 2600:9000:201... ()
1 2 2600:9000:226... ()
1 18.67.65.75 16509 (AMAZON-02)
1 23.45.13.203 20940 (AKAMAI-ASN1)
12 63.251.86.50 10913 (INTERNAP-BLK)
8 8 52.71.68.246 ()
1 1 52.0.205.209 ()
1 34.107.140.113 396982 (GOOGLE-CL...)
1 50.17.122.21 14618 (AMAZON-AES)
6 8 2620:116:800b... 14618 (AMAZON-AES)
2 34.107.217.107 396982 (GOOGLE-CL...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2603:c020:400... ()
5 5 173.231.184.20 ()
1 1 192.96.203.13 ()
3 4 3.89.188.37 14618 (AMAZON-AES)
5 9 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 69.90.254.78 ()
1 1 139.162.117.143 ()
1 40.76.134.238 8075 (MICROSOFT...)
9 9 34.150.170.96 ()
5 6 3.223.16.170 14618 (AMAZON-AES)
3 4 38.98.69.175 174 (COGENT-174)
9 9 207.198.113.87 ()
6 2607:f8b0:402... 15169 (GOOGLE)
7 18.160.46.85 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 5 2600:9000:230... ()
3 3 35.208.249.213 ()
3 34.202.106.54 14618 (AMAZON-AES)
1 4 3.222.45.79 14618 (AMAZON-AES)
4 2620:100:a001... 19750 (AS-CRITEO)
2 74.119.119.139 19750 (AS-CRITEO)
1 34.200.63.182 14618 (AMAZON-AES)
1 64.202.112.159 23352 (SERVERCEN...)
23 3.224.6.94 14618 (AMAZON-AES)
2 4 34.96.105.8 396982 (GOOGLE-CL...)
1 96.46.186.182 7979 (SERVERS-COM)
1 1 85.114.159.118 ()
1 34.107.148.139 396982 (GOOGLE-CL...)
2 35.174.112.174 14618 (AMAZON-AES)
1 35.170.7.97 14618 (AMAZON-AES)
1 1 38.68.201.140 ()
1 159.89.246.130 14061 (DIGITALOC...)
3 2606:ae80:147... 25751 (VALUECLICK)
1 3.92.12.163 14618 (AMAZON-AES)
1 1 34.95.81.168 ()
2 2 35.210.53.219 ()
9 174.137.133.32 27257 (WEBAIR-IN...)
1 3.128.106.141 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:201... 16509 (AMAZON-02)
3 3 213.19.162.90 ()
4 4 34.96.71.22 396982 (GOOGLE-CL...)
2 2 18.160.10.82 16509 (AMAZON-02)
4 4 143.244.208.184 14061 (DIGITALOC...)
4 100.25.25.103 14618 (AMAZON-AES)
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 23.21.51.122 14618 (AMAZON-AES)
2 12 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.120.58.62 396982 (GOOGLE-CL...)
22 35.172.99.217 14618 (AMAZON-AES)
3 3 52.23.23.251 14618 (AMAZON-AES)
2 15.197.179.7 16509 (AMAZON-02)
2 2 52.73.4.162 14618 (AMAZON-AES)
3 3 124.146.153.162 2514 (INFOSPHER...)
1 35.186.193.173 15169 (GOOGLE)
1 23.88.86.2 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
3 3 184.86.146.172 16625 (AKAMAI-AS)
1 2 50.17.254.219 14618 (AMAZON-AES)
1 52.44.250.119 14618 (AMAZON-AES)
1 16 3.226.158.19 14618 (AMAZON-AES)
1 18.160.10.111 16509 (AMAZON-02)
1 2600:9000:250... 16509 (AMAZON-02)
1 99.84.108.111 16509 (AMAZON-02)
1 172.64.151.101 13335 (CLOUDFLAR...)
2 2 80.77.87.163 46636 (NATCOWEB)
4 5 2620:112:f002... 6336 (TURN-US-ASN)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
3 6 34.233.109.59 14618 (AMAZON-AES)
3 4 52.17.153.143 16509 (AMAZON-02)
1 2 50.57.31.206 19994 (RACKSPACE)
2 2 141.94.171.216 16276 (OVH)
2 3 18.214.54.215 14618 (AMAZON-AES)
2 2 8.2.110.134 46636 (NATCOWEB)
11 2607:f8b0:400... ()
3 2607:f8b0:400... ()
2 2600:9000:208... ()
1 192.0.77.40 ()
1 1 172.104.105.5 63949 (AKAMAI-LI...)
1 54.156.229.21 ()
1 2620:100:a001... ()
1 1 20.253.86.149 8075 (MICROSOFT...)
1 2620:100:a001::3 ()
1 74.119.119.147 ()
1 2620:100:a001::9 ()
3 2620:100:a001... ()
4 35.168.119.229 ()
1 68.67.153.61 ()
1 1 23.46.192.28 ()
9 23.227.146.18 ()
1 13 104.22.68.131 ()
1 2620:1ec:c11:... ()
1 1 2600:1f18:765... ()
1 1 8.2.110.206 ()
1 1 178.250.7.11 ()
2 4 3.223.218.249 ()
1 2607:4f00:940::2 ()
1 54.176.146.78 ()
1 1 8.2.110.33 ()
1 1 51.83.220.94 ()
1 23.19.226.83 ()
2 2 185.184.10.30 ()
1 100.26.123.236 ()
1 1 2600:1f18:612... ()
1 1 2607:f8b0:400... ()
2 2607:f8b0:400... ()
6 7 54.85.146.200 ()
1 1 51.222.241.100 ()
1 1 34.228.135.33 ()
1 1 44.198.190.216 ()
1 1 2a04:4e42:400... ()
1750 292
4    34.68.132.100 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 100.132.68.34.bc.googleusercontent.com
www.staradvertiser.com
4    2600:9000:208f:5800:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
53    141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
staradvertiser.wpenginepowered.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    2600:1418:a000:9::1728:6309 (Minneapolis, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
8    2606:4700:e2::ac40:8c0d (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:24f3:3a00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2600:9000:26c1:5800:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
1    23.7.17.42 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-17-42.deploy.static.akamaitechnologies.com
s.ntv.io
4    2600:9000:208f:f200:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
2    2600:9000:2009:6c00:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
product.instiengage.com
1    2607:f8b0:4004:c06::66 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
4    52.206.34.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-34-84.compute-1.amazonaws.com
powerad.ai
5    2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
cdn.polyfill.io
11    2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
26    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    52.216.178.118 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com
sa-media.s3.us-east-1.amazonaws.com
6    3.162.125.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-78.iad61.r.cloudfront.net
embed.sendtonews.com
embedcdn.sendtonews.com
13    34.96.77.232 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 232.77.96.34.bc.googleusercontent.com
origami.secure.ownlocal.com
1    2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
1    16.182.72.177 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
sa-media.s3.amazonaws.com
9    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    23.39.177.151 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-177-151.deploy.static.akamaitechnologies.com
a.teads.tv
4    2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
2    2600:1418:a000:9::1728:6311 (Minneapolis, United States)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
8    2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:26c1:5400:14:c3e7:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aamcftag.aamsitecertifier.com
64    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprchmp.taboola.com
8    108.138.85.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-29.iad12.r.cloudfront.net
sb.scorecardresearch.com
2    2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
3    2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
knottyswing.com
1    2600:1901:0:328a::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
scribblestring.com
3    3.229.92.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-92-32.compute-1.amazonaws.com
geoip.instiengage.com
cms.instiengage.com
2    2600:9000:2009:7400:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
1    45.55.99.106 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
i.kissmetrics.io
1    2600:9000:24f4:e600:15:9da4:e200:93a1 (United States)

ASN16509 (AMAZON-02, US)
scripts.kissmetrics.io
7    44.210.27.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-27-167.compute-1.amazonaws.com
travel.payvibe.com
2    107.178.250.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
2    2a02:b48:9000::1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn-p.cityspark.com
1    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
4    2606:4700:e4::ac40:ae1e (United States)

ASN13335 (CLOUDFLARENET, US)
jxgdqbxdiycfimegq.ay.delivery
13    3.82.85.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-85-240.compute-1.amazonaws.com
geoip.insticator.com
event.insticator.com
4    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com
reporting.powerad.ai
4    18.213.141.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-141-199.compute-1.amazonaws.com
jadserve.postrelease.com
3    2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
2    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
23    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
23    2606:4700:10::ac43:2954 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
1    2606:ae80:1451:17::1460 (United States)

ASN25751 (VALUECLICK, US)
web.hb.ad.cpe.dotomi.com
27    147.75.195.55 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
9    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
3    3.210.0.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-0-246.compute-1.amazonaws.com
hb.minutemedia-prebid.com
5    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
10    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
adx2.adform.net
c1.adform.net
dmp.adform.net
48    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
insticator-d.openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
digikulture-d.openx.net
46    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
57    68.67.179.164 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    2602:803:c002:200::113 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
14    63.251.86.49 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
2    23.20.191.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-191-184.compute-1.amazonaws.com
hb.yellowblue.io
1    52.25.235.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-235-164.us-west-2.compute.amazonaws.com
aamcf.aamsitecertifier.com
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
12    2607:f8b0:4004:c09::93 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    18.160.18.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-59.iad12.r.cloudfront.net
ecdn.analysis.fi
2    18.160.46.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-40.iad55.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
1    34.234.4.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-4-96.compute-1.amazonaws.com
pixel.zprk.io
12    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
p.ad.gt
id.hadron.ad.gt
1    108.128.207.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-207-160.eu-west-1.compute.amazonaws.com
p.cpx.to
1    52.85.132.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-6.iad50.r.cloudfront.net
ats.rlcdn.com
1    138.197.60.79 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
trk.kissmetrics.io
1    2600:9000:24f4:f400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
15    23.56.220.247 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-220-247.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com
hb.brainlyads.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.253.115.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f149.1e100.net
ad.doubleclick.net
4    2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com
3    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
4    2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
13    52.85.151.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-96.iad89.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
6    13.249.42.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-42-27.iad89.r.cloudfront.net
c.amazon-adsystem.com
12    44.206.145.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-145-94.compute-1.amazonaws.com
s2l.sendtonews.com
2    52.73.22.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-22-220.compute-1.amazonaws.com
www.i.matheranalytics.com
3    34.205.113.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-113-238.compute-1.amazonaws.com
ping.chartbeat.net
3    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
7    2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
pubads.g.doubleclick.net
1    23.56.221.132 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-221-132.deploy.static.akamaitechnologies.com
widgets.outbrain.com
5    213.239.211.175 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.239.211.175.clients.your-server.de
api.assertcom.de
3    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
12    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
ids.ad.gt
pixels.ad.gt
27    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
33    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
120    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
19    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
50    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
cm.g.doubleclick.net
18    54.164.14.168 (United States)

ASN- ()
PTR: ec2-54-164-14-168.compute-1.amazonaws.com
match.prod.bidr.io
7    2607:f350:3:2569:0:10:0:d (United States)

ASN- ()
sync.go.sonobi.com
6    54.172.142.205 (Ashburn, United States)

ASN- ()
PTR: ec2-54-172-142-205.compute-1.amazonaws.com
dpm.demdex.net
2    184.28.44.83 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-44-83.deploy.static.akamaitechnologies.com
t.teads.tv
2    142.251.163.154 (United States)

ASN- ()
PTR: wv-in-f154.1e100.net
adclick.g.doubleclick.net
bid.g.doubleclick.net
1    2606:4700:20::681a:7e (United States)

ASN13335 (CLOUDFLARENET, US)
increaserev.com
4    2607:f8b0:4004:c0b::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
7    20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
v.clarity.ms
1    13.32.151.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-81.iad66.r.cloudfront.net
geo.privacymanager.io
2    35.244.184.131 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.184.244.35.bc.googleusercontent.com
snowplow.ownlocal.com
4    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
15    2a02:b48:9001::1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn59755463.blazingcdn.net
9    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    54.174.200.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-200-239.compute-1.amazonaws.com
api.payvibe.com
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
14    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
ch-match.taboola.com
ch-vid-events.taboola.com
2    2400:52e0:1a00::894:1 (Chicago, United States)

ASN- ()
cdn.materialdesignicons.com
7    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    2606:4700:3038::6815:eaea (United States)

ASN13335 (CLOUDFLARENET, US)
rsms.me
1    13.249.39.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-55.iad89.r.cloudfront.net
player.sendtonews.com
7    2606:4700:20::681a:13e (United States)

ASN13335 (CLOUDFLARENET, US)
tags.qortex.ai
demand.qortex.ai
2    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    34.206.99.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-99-162.compute-1.amazonaws.com
id.sv.rkdms.com
7    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
8    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4004:c1d::94 (Washington, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
14    2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    18.160.10.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-101.iad12.r.cloudfront.net
config.aps.amazon-adsystem.com
14    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
20    184.87.56.223 (New York, United States)

ASN- ()
PTR: a184-87-56-223.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
50    23.39.177.103 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-177-103.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
16    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    34.193.193.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-193-20.compute-1.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
38    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
7    2620:112:f002:bbbb::21 (United States)

ASN- ()
ad.turn.com
44    67.202.105.23 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
8    67.202.105.34 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
15    3.227.185.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-185-122.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
1    104.16.80.121 (None, )

ASN13335 (CLOUDFLARENET, US)
cs.seedtag.com
13    34.235.75.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-75-11.compute-1.amazonaws.com
match.sharethrough.com
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
11    35.214.181.122 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 122.181.214.35.bc.googleusercontent.com
csync.loopme.me
3    172.240.155.116 (United States)

ASN- ()
sync.colossusssp.com
5    23.7.29.146 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-29-146.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
3    63.251.28.133 (Secaucus, United States)

ASN- ()
ads.stickyadstv.com
60    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
24    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
6    216.22.16.36 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
8    52.72.225.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-225-207.compute-1.amazonaws.com
ads.yieldmo.com
14    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    23.39.176.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-176-28.deploy.static.akamaitechnologies.com
contextual.media.net
5    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
9    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
14    2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
47    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
19    52.202.180.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-180-1.compute-1.amazonaws.com
i.liadm.com
2    13.32.151.31 (United States)

ASN- ()
PTR: server-13-32-151-31.iad66.r.cloudfront.net
live.rezync.com
7    199.38.167.130 (United States)

ASN- ()
p.rfihub.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    34.160.19.107 (Kansas City, United States)

ASN- ()
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
4    192.132.33.67 (United States)

ASN- ()
PTR: NET-33-132-192.67.bidtellect.com
bttrack.com
9    52.5.138.9 (Ashburn, United States)

ASN- ()
PTR: ec2-52-5-138-9.compute-1.amazonaws.com
pm.w55c.net
i.w55c.net
5    52.214.64.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-64-222.eu-west-1.compute.amazonaws.com
s.cpx.to
11    23.222.197.151 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-197-151.deploy.static.akamaitechnologies.com
sync.teads.tv
at.teads.tv
82    2606:4700:20::681a:3e (United States)

ASN13335 (CLOUDFLARENET, US)
events.qortex.ai
demand.qortex.ai
2    2606:4700:e4::ac40:a917 (United States)

ASN13335 (CLOUDFLARENET, US)
api.fouanalytics.com
3    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
12    51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net
onetag-sys.com
7    34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
3    54.161.113.161 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-113-161.compute-1.amazonaws.com
p2.gcprivacy.com
7    69.194.240.11 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
3    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
3    13.249.39.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-73.iad89.r.cloudfront.net
hb.undertone.com
4    34.194.35.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-35-34.compute-1.amazonaws.com
tlx.3lift.com
4    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    108.138.66.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-66-130.iad12.r.cloudfront.net
aax.amazon-adsystem.com
5    35.207.24.140 (North Charleston, United States)

ASN- ()
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
20    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
cms-xch-chicago.33across.com
18    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
13    2606:ae80:1471:13::730 (United States)

ASN- ()
33across-match.dotomi.com
prebid-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
rubicon-match.dotomi.com
pulsepoint-match.dotomi.com
retargetly-match.dotomi.com
amazon-tam-match.dotomi.com
openx2-match.dotomi.com
triplelift-match.dotomi.com
59    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
15    54.146.92.239 (Ashburn, United States)

ASN- ()
PTR: ec2-54-146-92-239.compute-1.amazonaws.com
sync.srv.stackadapt.com
45    172.98.26.246 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-iad04.e-planning.net
sync.e-planning.net
9    74.119.119.150 (United States)

ASN- ()
dis.criteo.com
2    52.0.156.250 (Ashburn, United States)

ASN- ()
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
2    2a02:6ea0:e200::2 (Ashburn, United States)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
vid.vidoomy.com
6    23.45.145.114 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-145-114.deploy.static.akamaitechnologies.com
tags.bluekai.com
x.dlx.addthis.com
stags.bluekai.com
3    13.249.39.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-110.iad89.r.cloudfront.net
aa.agkn.com
1    54.173.88.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-88-168.compute-1.amazonaws.com
beacon.krxd.net
2    54.82.127.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-127-194.compute-1.amazonaws.com
sync.springserve.com
3    2600:1408:c400:29::17da:da4d (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
15    138.201.8.249 (Ergolding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de
sync.richaudience.com
27    3.13.55.213 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-55-213.us-east-2.compute.amazonaws.com
visitor.omnitagjs.com
visitor-us-east-2.omnitagjs.com
13    23.105.12.136 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
rtb-csync.smartadserver.com
15    70.42.32.159 (United States)

ASN- ()
PTR: ny.outbrain.com
b1sync.zemanta.com
3    35.211.118.13 (North Charleston, United States)

ASN- ()
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
1    54.243.186.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-186-52.compute-1.amazonaws.com
ad.360yield.com
6    37.157.6.232 (Denmark)

ASN- ()
cm.adform.net
track.adform.net
1    47.252.78.131 (United States)

ASN- ()
event.clientgear.com
7    185.184.8.90 (Amsterdam, Netherlands)

ASN- ()
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    82.145.213.8 (Norway)

ASN- ()
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
5    2600:9000:244d:2200:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.instiengage.com
8    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    184.25.146.64 (New York, United States)

ASN- ()
PTR: a184-25-146-64.deploy.static.akamaitechnologies.com
cs.media.net
3    207.198.113.230 (Herndon, United States)

ASN- ()
pixel.sitescout.com
2    8.2.110.17 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
4    172.98.26.242 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
8    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    3.93.30.112 (Ashburn, United States)

ASN- ()
PTR: ec2-3-93-30-112.compute-1.amazonaws.com
rtb.om-meta.com
3    35.173.160.65 (Ashburn, United States)

ASN- ()
PTR: ec2-35-173-160-65.compute-1.amazonaws.com
ssp.disqus.com
2    34.199.187.121 (Ashburn, United States)

ASN- ()
PTR: ec2-34-199-187-121.compute-1.amazonaws.com
cookies.nextmillmedia.com
4    35.211.233.246 (North Charleston, United States)

ASN- ()
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
3    8.2.110.161 (United States)

ASN- ()
cm-x.mgid.com
2    47.253.61.56 (United States)

ASN- ()
gw-iad-bid.ymmobi.com
5    216.200.232.253 (Frederick, United States)

ASN- ()
sync.mathtag.com
1    2600:1408:c400:29::17da:da4b (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
1    3.162.103.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-103-27.iad61.r.cloudfront.net
api-2-0.spot.im
2    45.137.176.88 (France)

ASN- ()
sync.adotmob.com
2    23.108.102.14 (Jurong Town, Singapore)

ASN- ()
inv-nets.admixer.net
9    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
7    131.153.242.59 (United States)

ASN19437 (SS-ASH, US)
id.a-mx.com
c3.a-mo.net
id.rtb.mx
7    5.161.188.99 (Ashburn, United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.99.188.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
2    134.122.57.34 (Amsterdam, Netherlands)

ASN- ()
match.adsby.bidtheatre.com
1    104.36.115.123 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
5    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    35.211.243.123 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 123.243.211.35.bc.googleusercontent.com
grid.bidswitch.net
1    208.115.232.150 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 150-232-115-208.static.reverse.lstn.net
shb.richaudience.com
1    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
1    2607:4f00:932::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    8.2.111.111 (United States)

ASN46636 (NATCOWEB, US)
smartssp-us-east.iqzone.com
1    104.154.142.214 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
3    172.240.127.128 (United States)

ASN- ()
ads.betweendigital.com
1    8.39.36.142 (United States)

ASN- ()
pixel-us-west.rubiconproject.com
1    34.197.115.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-115-132.compute-1.amazonaws.com
fid.agkn.com
1    108.138.85.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-19.iad12.r.cloudfront.net
p.gcprivacy.com
2    2600:1f18:61c0:2204:f86a:1dc2:9c08:7629 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
5    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    2600:9000:201e:3c00:1a:5235:f980:93a1 (United States)

ASN- ()
live.primis.tech
2    2600:9000:2269:2e00:1b:6b7d:2300:93a1 (United States)

ASN- ()
sync.intentiq.com
1    18.67.65.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-75.iad89.r.cloudfront.net
sync1.intentiq.com
1    23.45.13.203 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-13-203.deploy.static.akamaitechnologies.com
hb.yahoo.net
12    63.251.86.50 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
8    52.71.68.246 (Ashburn, United States)

ASN- ()
PTR: ec2-52-71-68-246.compute-1.amazonaws.com
sync.ipredictive.com
1    52.0.205.209 (Ashburn, United States)

ASN- ()
PTR: ec2-52-0-205-209.compute-1.amazonaws.com
rtb.adstanding.com
1    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
1    50.17.122.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-122-21.compute-1.amazonaws.com
exchange.mediavine.com
8    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
cms.quantserve.com
pixel.quantserve.com
2    34.107.217.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.217.107.34.bc.googleusercontent.com
static.anonymised.io
3    2606:4700:10::6816:118d (United States)

ASN13335 (CLOUDFLARENET, US)
api.retargetly.com
pdp-service.retargetly.com
1    2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States)

ASN- ()
sync.technoratimedia.com
5    173.231.184.20 (United States)

ASN- ()
PTR: lga-cassandra-1.sys.adgear.com
cm.adgrx.com
1    192.96.203.13 (Dunellen, United States)

ASN- ()
sync.aralego.com
4    3.89.188.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-188-37.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
9    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    69.90.254.78 (Herndon, United States)

ASN- ()
ums.acuityplatform.com
1    139.162.117.143 (Tokyo, Japan)

ASN- ()
PTR: li1601-143.members.linode.com
gocm.c.appier.net
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
9    34.150.170.96 (Washington, United States)

ASN- ()
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
6    3.223.16.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-16-170.compute-1.amazonaws.com
rtb.adentifi.com
4    38.98.69.175 (North Bergen, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
oxp.mxptint.net
9    207.198.113.87 (Herndon, United States)

ASN- ()
pixel-sync.sitescout.com
6    2607:f8b0:4023:1004::5e (Fort Worth, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
7    18.160.46.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-85.iad55.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
5    2600:9000:2305:3400:1b:5138:8a40:93a1 (United States)

ASN- ()
s.ad.smaato.net
3    35.208.249.213 (Council Bluffs, United States)

ASN- ()
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
gtrace.mediago.io
3    34.202.106.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-106-54.compute-1.amazonaws.com
cs.yellowblue.io
cs-server-s2s.yellowblue.io
4    3.222.45.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-45-79.compute-1.amazonaws.com
rtb.gumgum.com
4    2620:100:a001::1d (United States)

ASN19750 (AS-CRITEO, US)
ssp-sync.criteo.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    34.200.63.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-63-182.compute-1.amazonaws.com
idx.liadm.com
1    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
23    3.224.6.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-6-94.compute-1.amazonaws.com
cs.minutemedia-prebid.com
4    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
1    85.114.159.118 (Loerrach, Germany)

ASN- ()
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid-s2s.media.net
2    35.174.112.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-112-174.compute-1.amazonaws.com
crb.kargo.com
1    35.170.7.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-7-97.compute-1.amazonaws.com
usr.undertone.com
1    38.68.201.140 (Ashburn, United States)

ASN- ()
rbp.mxptint.net
1    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
3    2606:ae80:1471:16::820 (United States)

ASN25751 (VALUECLICK, US)
match.sync.ad.cpe.dotomi.com
proc.ad.cpe.dotomi.com
web.hb.ad.cpe.dotomi.com
1    3.92.12.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-12-163.compute-1.amazonaws.com
sync.ex.co
1    34.95.81.168 (Kansas City, United States)

ASN- ()
PTR: 168.81.95.34.bc.googleusercontent.com
rubiconcm.digitaleast.mobi
2    35.210.53.219 (Brussels, Belgium)

ASN- ()
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
9    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
1    3.128.106.141 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-106-141.us-east-2.compute.amazonaws.com
visitor-us-east-2.omnitagjs.com
6    2607:f8b0:4004:c1d::cf (Washington, United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
3    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-kube-ownlocal.cloudfunctions.net
1    2600:9000:201e:b400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    213.19.162.90 (United Kingdom)

ASN- ()
pixel-eu.rubiconproject.com
4    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    18.160.10.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-82.iad12.r.cloudfront.net
cm.smadex.com
4    143.244.208.184 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sid.storygize.net
4    100.25.25.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-25-103.compute-1.amazonaws.com
bpi.rtactivate.com
1    2606:4700:4400::6812:2412 (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    23.21.51.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-51-122.compute-1.amazonaws.com
aorta.clickagy.com
12    2606:4700:10::ac43:8f4 (United States)

ASN13335 (CLOUDFLARENET, US)
pdp-cdn.retargetly.com
api.retargetly.com
app.retargetly.com
pdp-service.retargetly.com
1    34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com
americanhometownmedia.com
22    35.172.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-99-217.compute-1.amazonaws.com
usersync.gumgum.com
3    52.23.23.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-23-251.compute-1.amazonaws.com
ads.creative-serving.com
2    15.197.179.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: a938864f9581ea3da.awsglobalaccelerator.com
aggle.net
2    52.73.4.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-4-162.compute-1.amazonaws.com
um4.eqads.com
3    124.146.153.162 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
3    184.86.146.172 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-146-172.deploy.static.akamaitechnologies.com
px.owneriq.net
2    50.17.254.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-254-219.compute-1.amazonaws.com
thrtle.com
1    52.44.250.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-250-119.compute-1.amazonaws.com
sync.bfmio.com
16    3.226.158.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-158-19.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    18.160.10.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-111.iad12.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
1    2600:9000:2501:de00:17:c484:6380:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-tam.minutemedia-prebid.com
1    99.84.108.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-111.iad79.r.cloudfront.net
idsyncmxedge.com
1    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
2    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
5    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    2600:1f18:ed:550f:9eb9:354c:5ca7:7a69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
6    34.233.109.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-109-59.compute-1.amazonaws.com
io.narrative.io
4    52.17.153.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-153-143.eu-west-1.compute.amazonaws.com
a.audrte.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
3    18.214.54.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-54-215.compute-1.amazonaws.com
ps.eyeota.net
2    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
11    2607:f8b0:4004:c0b::84 (Ashburn, United States)

ASN- ()
tpc.googlesyndication.com
3    2607:f8b0:4004:c07::9a (Washington, United States)

ASN- ()
googleads.g.doubleclick.net
2    2600:9000:208f:f800:3:4706:a6c0:93a1 (United States)

ASN- ()
cti.w55c.net
1    192.0.77.40 (San Francisco, United States)

ASN- ()
PTR: assets.tumblr.com
www.tumblr.com
1    172.104.105.5 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1715-5.members.linode.com
rcp.c.appier.net
1    54.156.229.21 (Ashburn, United States)

ASN- ()
PTR: ec2-54-156-229-21.compute-1.amazonaws.com
tags.w55c.net
1    2620:100:a001::24 (United States)

ASN- ()
ads.us.criteo.com
1    20.253.86.149 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    2620:100:a001::3 (United States)

ASN- ()
rtb.va.us.criteo.com
1    74.119.119.147 (United States)

ASN- ()
cat.va.us.criteo.com
1    2620:100:a001::9 (United States)

ASN- ()
imageproxy.us.criteo.net
3    2620:100:a001::16 (United States)

ASN- ()
csm.us.criteo.net
4    35.168.119.229 (None, )

ASN- ()
event.instiengage.com
1    68.67.153.61 (None, )

ASN- ()
prebid.adnxs.com
1    23.46.192.28 (None, )

ASN- ()
hbx.media.net
9    23.227.146.18 (None, )

ASN- ()
sync.adtelligent.com
13    104.22.68.131 (None, )

ASN- ()
csync.smilewanted.com
static.smilewanted.com
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
1    2600:1f18:765:4800:7681:18d0:4c60:ba77 (None, )

ASN- ()
pxl.iqm.com
1    8.2.110.206 (None, )

ASN- ()
cs.mobfox.com
1    178.250.7.11 (None, )

ASN- ()
dis.eu.criteo.com
4    3.223.218.249 (None, )

ASN- ()
ice.360yield.com
1    2607:4f00:940::2 (None, )

ASN- ()
s.adtelligent.com
1    54.176.146.78 (None, )

ASN- ()
usync.vrtcal.com
1    8.2.110.33 (None, )

ASN- ()
us.shb-sync.com
1    51.83.220.94 (None, )

ASN- ()
a4p.adpartner.pro
1    23.19.226.83 (None, )

ASN- ()
sync.lunamedia.live
2    185.184.10.30 (None, )

ASN- ()
us.creativecdn.com
1    100.26.123.236 (None, )

ASN- ()
protected-by.clarium.io
1    2600:1f18:612b:4232:8e14:fb12:eab5:43f8 (None, )

ASN- ()
google.partners.tremorhub.com
1    2607:f8b0:4004:c09::8b (None, )

ASN- ()
gcdn.2mdn.net
2    2607:f8b0:4000:9::8 (None, )

ASN- ()
r3---sn-q4fzen7e.c.2mdn.net
7    54.85.146.200 (None, )

ASN- ()
partner.mediawallahscript.com
1    51.222.241.100 (None, )

ASN- ()
ws.rqtrk.eu
1    34.228.135.33 (None, )

ASN- ()
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    44.198.190.216 (None, )

ASN- ()
event.hgrtb.com
1    2a04:4e42:400::300 (None, )

ASN- ()
trc.taboola.com
Apex Domain
Subdomains		 Transfer
200 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
token.rubiconproject.com — Cisco Umbrella Rank: 744
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
eus.rubiconproject.com — Cisco Umbrella Rank: 951
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1222
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 7094
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2017
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2989
455 KB
90 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 811
image2.pubmatic.com — Cisco Umbrella Rank: 1555
image8.pubmatic.com — Cisco Umbrella Rank: 1098
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
image6.pubmatic.com — Cisco Umbrella Rank: 1215
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
ow.pubmatic.com — Cisco Umbrella Rank: 2373
image4.pubmatic.com — Cisco Umbrella Rank: 2201
simage4.pubmatic.com — Cisco Umbrella Rank: 1864
254 KB
90 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255
trc.taboola.com — Cisco Umbrella Rank: 960
trc-events.taboola.com — Cisco Umbrella Rank: 2320
vidstat.taboola.com — Cisco Umbrella Rank: 3607
ch-trc-events.taboola.com — Cisco Umbrella Rank: 4943
images.taboola.com — Cisco Umbrella Rank: 1897
imprchmp.taboola.com — Cisco Umbrella Rank: 7549
ch-match.taboola.com — Cisco Umbrella Rank: 8088
ch-vid-events.taboola.com — Cisco Umbrella Rank: 7156
pips.taboola.com — Cisco Umbrella Rank: 1936
sync.taboola.com — Cisco Umbrella Rank: 1916
cds.taboola.com — Cisco Umbrella Rank: 2300
sync-t1.taboola.com
2 MB
89 qortex.ai
tags.qortex.ai — Cisco Umbrella Rank: 48038
events.qortex.ai — Cisco Umbrella Rank: 34200
demand.qortex.ai — Cisco Umbrella Rank: 63400
208 KB
89 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
ad.doubleclick.net — Cisco Umbrella Rank: 199
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
adclick.g.doubleclick.net — Cisco Umbrella Rank: 5608
pubads.g.doubleclick.net — Cisco Umbrella Rank: 357
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
bid.g.doubleclick.net
665 KB
83 33across.com
ssc.33across.com — Cisco Umbrella Rank: 6391
cdn-ima.33across.com — Cisco Umbrella Rank: 1919
lexicon.33across.com — Cisco Umbrella Rank: 2501
ssc-cms.33across.com — Cisco Umbrella Rank: 1511
events-ssc.33across.com — Cisco Umbrella Rank: 2724
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 10658
33 KB
64 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
r.bidswitch.net — Cisco Umbrella Rank: 15630
grid.bidswitch.net — Cisco Umbrella Rank: 1632
26 KB
63 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 991
eb2.3lift.com — Cisco Umbrella Rank: 731
32 KB
60 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923
190 KB
60 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
secure.adnxs.com — Cisco Umbrella Rank: 793
acdn.adnxs.com — Cisco Umbrella Rank: 957
prebid.adnxs.com
96 KB
56 openx.net
insticator-d.openx.net — Cisco Umbrella Rank: 39915
u.openx.net — Cisco Umbrella Rank: 1108
us-u.openx.net — Cisco Umbrella Rank: 930
rtb.openx.net — Cisco Umbrella Rank: 1007
eu-u.openx.net
digikulture-d.openx.net
8 KB
53 wpenginepowered.com
staradvertiser.wpenginepowered.com — Cisco Umbrella Rank: 541934
633 KB
49 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3556
u-iad04.e-planning.net — Cisco Umbrella Rank: 10400
s.e-planning.net — Cisco Umbrella Rank: 10499
sync.e-planning.net — Cisco Umbrella Rank: 7377
11 KB
47 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
dsum.casalemedia.com — Cisco Umbrella Rank: 2867
ssum.casalemedia.com — Cisco Umbrella Rank: 2058
r.casalemedia.com — Cisco Umbrella Rank: 2571
34 KB
33 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
assets.a-mo.net — Cisco Umbrella Rank: 2362
c3.a-mo.net — Cisco Umbrella Rank: 23601
31 KB
32 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418
14 KB
29 googlesyndication.com
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
391 KB
28 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1124
visitor-us-east-2.omnitagjs.com — Cisco Umbrella Rank: 30947
12 KB
27 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
data.adsrvr.org — Cisco Umbrella Rank: 6961
13 KB
27 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 878
gum.criteo.com — Cisco Umbrella Rank: 597
dis.criteo.com — Cisco Umbrella Rank: 943
ssp-sync.criteo.com — Cisco Umbrella Rank: 1977
mug.criteo.com — Cisco Umbrella Rank: 1867
ads.us.criteo.com — Cisco Umbrella Rank: 5418
rtb.va.us.criteo.com — Cisco Umbrella Rank: 12732
cat.va.us.criteo.com — Cisco Umbrella Rank: 5741
dis.eu.criteo.com
54 KB
27 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 5013
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 3088
cs-tam.minutemedia-prebid.com — Cisco Umbrella Rank: 12982
13 KB
26 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2293
usersync.gumgum.com — Cisco Umbrella Rank: 3044
8 KB
26 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
ce.lijit.com — Cisco Umbrella Rank: 1432
25 KB
25 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
13 KB
25 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 4038
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
61 KB
24 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 2270
cs.seedtag.com — Cisco Umbrella Rank: 14340
17 KB
23 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
1 MB
23 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 7197
4 KB
22 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
csync.smartadserver.com — Cisco Umbrella Rank: 4310
sync.smartadserver.com — Cisco Umbrella Rank: 2055
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
28 KB
22 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 708
fonts.googleapis.com — Cisco Umbrella Rank: 115
imasdk.googleapis.com — Cisco Umbrella Rank: 639
storage.googleapis.com — Cisco Umbrella Rank: 682
963 KB
21 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
idx.liadm.com — Cisco Umbrella Rank: 3327
i6.liadm.com — Cisco Umbrella Rank: 4366
13 KB
21 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
4 MB
20 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
targeting.unrulymedia.com — Cisco Umbrella Rank: 1418
6 KB
20 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 3550
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3407
cs.yellowblue.io — Cisco Umbrella Rank: 2654
10 KB
19 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
2 KB
19 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 19273
embedcdn.sendtonews.com — Cisco Umbrella Rank: 22328
s2l.sendtonews.com — Cisco Umbrella Rank: 19393
player.sendtonews.com — Cisco Umbrella Rank: 24073
405 KB
18 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
imageproxy.us.criteo.net — Cisco Umbrella Rank: 5872
csm.us.criteo.net — Cisco Umbrella Rank: 5644
146 KB
18 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
8 KB
17 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 658
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
54 KB
17 ad.gt
a.ad.gt — Cisco Umbrella Rank: 2414
p.ad.gt — Cisco Umbrella Rank: 2978
ids.ad.gt — Cisco Umbrella Rank: 2233
id.hadron.ad.gt — Cisco Umbrella Rank: 2163
pixels.ad.gt — Cisco Umbrella Rank: 2669
21 KB
17 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 6056
33across-match.dotomi.com — Cisco Umbrella Rank: 7705
prebid-match.dotomi.com — Cisco Umbrella Rank: 3315
casale-match.dotomi.com — Cisco Umbrella Rank: 6434
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5770
rubicon-match.dotomi.com — Cisco Umbrella Rank: 3560
match.sync.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2584
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 15267
retargetly-match.dotomi.com — Cisco Umbrella Rank: 24974
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 10805
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4184
openx2-match.dotomi.com
triplelift-match.dotomi.com
6 KB
17 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1674
t.teads.tv — Cisco Umbrella Rank: 3253
sync.teads.tv — Cisco Umbrella Rank: 2019
at.teads.tv — Cisco Umbrella Rank: 5198
143 KB
16 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2667
shb.richaudience.com — Cisco Umbrella Rank: 4309
7 KB
16 adform.net
adx2.adform.net — Cisco Umbrella Rank: 18727
c1.adform.net — Cisco Umbrella Rank: 1001
cm.adform.net — Cisco Umbrella Rank: 1664
dmp.adform.net — Cisco Umbrella Rank: 4001
track.adform.net
7 KB
16 instiengage.com
product.instiengage.com — Cisco Umbrella Rank: 42641
geoip.instiengage.com — Cisco Umbrella Rank: 43717
auth.instiengage.com — Cisco Umbrella Rank: 36487
static.instiengage.com — Cisco Umbrella Rank: 51335
cms.instiengage.com — Cisco Umbrella Rank: 67508
event.instiengage.com
154 KB
15 retargetly.com
api.retargetly.com — Cisco Umbrella Rank: 7486
pdp-cdn.retargetly.com — Cisco Umbrella Rank: 13556
app.retargetly.com — Cisco Umbrella Rank: 19801
pdp-service.retargetly.com — Cisco Umbrella Rank: 12234
16 KB
15 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
8 KB
15 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
5 KB
15 blazingcdn.net
cdn59755463.blazingcdn.net — Cisco Umbrella Rank: 50605
2 MB
15 ownlocal.com
origami.secure.ownlocal.com — Cisco Umbrella Rank: 136223
snowplow.ownlocal.com — Cisco Umbrella Rank: 216973
162 KB
14 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6230
csync.smilewanted.com
static.smilewanted.com
19 KB
14 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 881
12 KB
13 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
4 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 6
analytics.google.com — Cisco Umbrella Rank: 266
67 KB
13 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 49712
event.insticator.com — Cisco Umbrella Rank: 35920
430 B
13 payvibe.com
travel.payvibe.com
api.payvibe.com — Cisco Umbrella Rank: 529628
2 MB
12 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 6020
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321
8 KB
12 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
8 KB
12 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
cti.w55c.net — Cisco Umbrella Rank: 4483
i.w55c.net — Cisco Umbrella Rank: 2282
tags.w55c.net — Cisco Umbrella Rank: 5740
23 KB
12 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
d.turn.com — Cisco Umbrella Rank: 2160
5 KB
12 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 6762
api.rlcdn.com — Cisco Umbrella Rank: 1474
id.rlcdn.com — Cisco Umbrella Rank: 1360
idsync.rlcdn.com — Cisco Umbrella Rank: 764
36 KB
12 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
44 KB
11 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5923
sync.adtelligent.com
s.adtelligent.com
6 KB
11 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1467
3 KB
11 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2287
mp.4dex.io — Cisco Umbrella Rank: 3130
u.4dex.io — Cisco Umbrella Rank: 4691
29 KB
10 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 4534
sync.go.sonobi.com — Cisco Umbrella Rank: 1696
9 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
cloudflare.com — Cisco Umbrella Rank: 152
96 KB
9 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2504
6 KB
9 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
4 KB
9 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
5 KB
9 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 809
us.creativecdn.com
6 KB
9 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
2 KB
9 media.net
contextual.media.net — Cisco Umbrella Rank: 1093
cs.media.net — Cisco Umbrella Rank: 1972
prebid-s2s.media.net — Cisco Umbrella Rank: 4084
hbx.media.net
3 KB
9 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1280
v.clarity.ms — Cisco Umbrella Rank: 12483
24 KB
8 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
cms.quantserve.com — Cisco Umbrella Rank: 1348
pixel.quantserve.com — Cisco Umbrella Rank: 1736
12 KB
8 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1536
4 KB
8 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1057
5 KB
8 tynt.com
de.tynt.com — Cisco Umbrella Rank: 2424
16 KB
8 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
5 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
597 KB
8 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1888
236 KB
7 mediawallahscript.com
partner.mediawallahscript.com
5 KB
7 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 4814
2 KB
7 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1485
6 KB
7 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
584 KB
6 narrative.io
io.narrative.io — Cisco Umbrella Rank: 7234
2 KB
6 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 2030
890 B
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
4 KB
6 cpx.to
p.cpx.to — Cisco Umbrella Rank: 14890
s.cpx.to — Cisco Umbrella Rank: 10600
6 KB
6 powerad.ai
powerad.ai — Cisco Umbrella Rank: 34407
reporting.powerad.ai — Cisco Umbrella Rank: 38230
54 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1107
p.typekit.net — Cisco Umbrella Rank: 1464
71 KB
5 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
2 KB
5 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 10897
rbp.mxptint.net — Cisco Umbrella Rank: 5412
oxp.mxptint.net
3 KB
5 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2472
2 KB
5 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1629
2 KB
5 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2556
3 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2123
3 KB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 995
ice.360yield.com
2 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1932
2 KB
5 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623
123 KB
5 assertcom.de
api.assertcom.de — Cisco Umbrella Rank: 12819
2 KB
5 polyfill.io
polyfill.io — Cisco Umbrella Rank: 2111
cdn.polyfill.io — Cisco Umbrella Rank: 4433
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3399
3 KB
4 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 3291
433 B
4 storygize.net
sid.storygize.net — Cisco Umbrella Rank: 2783
1 KB
4 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2957
766 B
4 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2809
526 B
4 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2881
2 KB
4 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3766
1 KB
4 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 4833
cs.admanmedia.com — Cisco Umbrella Rank: 1665
2 KB
4 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 973
fid.agkn.com — Cisco Umbrella Rank: 4510
3 KB
4 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1261
stags.bluekai.com — Cisco Umbrella Rank: 1624
2 KB
4 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 5043
usr.undertone.com — Cisco Umbrella Rank: 3347
2 KB
4 gcprivacy.com
p2.gcprivacy.com — Cisco Umbrella Rank: 21683
p.gcprivacy.com — Cisco Umbrella Rank: 43317
14 KB
4 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1566
1 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
gcdn.2mdn.net
r3---sn-q4fzen7e.c.2mdn.net
18 KB
4 rsms.me
rsms.me — Cisco Umbrella Rank: 21908
679 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1326
70 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
258 KB
4 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1607
3 KB
4 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2295
208 KB
4 ay.delivery
jxgdqbxdiycfimegq.ay.delivery — Cisco Umbrella Rank: 39982
118 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1738
api.btloader.com — Cisco Umbrella Rank: 1905
25 KB
4 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 19579
www.i.matheranalytics.com — Cisco Umbrella Rank: 19286
43 KB
4 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 21171
2 KB
4 amazonaws.com
sa-media.s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 662649
sa-media.s3.amazonaws.com — Cisco Umbrella Rank: 572577
59 KB
4 staradvertiser.com
www.staradvertiser.com — Cisco Umbrella Rank: 257585
42 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1645
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 3952
2 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2129
3 KB
3 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 8090
2 KB
3 cloudfunctions.net
us-central1-kube-ownlocal.cloudfunctions.net — Cisco Umbrella Rank: 216504
531 B
3 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1925
gtrace.mediago.io — Cisco Umbrella Rank: 6276
648 B
3 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1479
sync1.intentiq.com — Cisco Umbrella Rank: 2959
3 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2456
2 KB
3 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 6389
2 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2608
617 B
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1758
2 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 3106
load77.exelator.com — Cisco Umbrella Rank: 6128
2 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
845 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
1 KB
3 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 2493
2 KB
3 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2313
29 KB
3 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1643
602 B
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
15 KB
3 kissmetrics.io
i.kissmetrics.io — Cisco Umbrella Rank: 140043
scripts.kissmetrics.io — Cisco Umbrella Rank: 106192
trk.kissmetrics.io — Cisco Umbrella Rank: 84516
27 KB
3 knottyswing.com
knottyswing.com — Cisco Umbrella Rank: 286510
49 KB
3 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 62666
cdn-p.cityspark.com — Cisco Umbrella Rank: 45266
76 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2311
mab.chartbeat.com — Cisco Umbrella Rank: 3573
26 KB
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 4580
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3785
797 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2396
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2386
684 B
2 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 4643
421 B
2 aggle.net
aggle.net — Cisco Umbrella Rank: 29291
3 KB
2 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 3977
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 7847
747 B
2 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1708
717 B
2 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 4327
rcp.c.appier.net — Cisco Umbrella Rank: 4406
835 B
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2278
1 KB
2 anonymised.io
static.anonymised.io — Cisco Umbrella Rank: 30719
33 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1732
522 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
983 B
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 3039
1 KB
2 adroll.com
d.adroll.com — Cisco Umbrella Rank: 2450
362 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3435
1 KB
2 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2711
1 KB
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2147
1 KB
2 ymmobi.com
gw-iad-bid.ymmobi.com — Cisco Umbrella Rank: 11923
535 B
2 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 4166
408 B
2 om-meta.com
rtb.om-meta.com — Cisco Umbrella Rank: 12298
485 B
2 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 4397
412 B
2 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 18395
793 B
2 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2988
368 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2302
2 KB
2 materialdesignicons.com
cdn.materialdesignicons.com — Cisco Umbrella Rank: 69042
1 KB
2 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2247
sync.outbrain.com — Cisco Umbrella Rank: 1287
2 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1774
1 KB
2 brainlyads.com
hb.brainlyads.com — Cisco Umbrella Rank: 5598
223 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 33918
cdn.firstimpression.io — Cisco Umbrella Rank: 32291
100 KB
2 aamsitecertifier.com
aamcftag.aamsitecertifier.com — Cisco Umbrella Rank: 334271
aamcf.aamsitecertifier.com — Cisco Umbrella Rank: 156519
28 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1761
43 KB
1 hgrtb.com
event.hgrtb.com
260 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
304 B
1 rqtrk.eu
ws.rqtrk.eu
410 B
1 tremorhub.com
google.partners.tremorhub.com
636 B
1 clarium.io
protected-by.clarium.io
244 B
1 lunamedia.live
sync.lunamedia.live
702 B
1 vidoomy.com
vid.vidoomy.com
1 adpartner.pro
a4p.adpartner.pro
340 B
1 shb-sync.com
us.shb-sync.com
581 B
1 vrtcal.com
usync.vrtcal.com
257 B
1 mobfox.com
cs.mobfox.com
573 B
1 iqm.com
pxl.iqm.com
527 B
1 bing.com
c.bing.com
688 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 7777
462 B
1 tumblr.com
www.tumblr.com — Cisco Umbrella Rank: 8608
1 KB
1 idsyncmxedge.com
idsyncmxedge.com — Cisco Umbrella Rank: 14125
serverf5.idsyncmxedge.com Failed
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 5299
201 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 3080
425 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8481
277 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 12362
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 7580
360 B
1 americanhometownmedia.com
americanhometownmedia.com — Cisco Umbrella Rank: 96354
103 KB
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 3645
653 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 3888
557 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
643 B
1 digitaleast.mobi
rubiconcm.digitaleast.mobi — Cisco Umbrella Rank: 4681
268 B
1 ex.co
sync.ex.co — Cisco Umbrella Rank: 4141
388 B
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3547
405 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052
478 B
1 aniview.com
sync.aniview.com — Cisco Umbrella Rank: 2343
253 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 9298
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 3673
473 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 3411
4 KB
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1753
186 B
1 t13.io
s2s.t13.io — Cisco Umbrella Rank: 3010
442 B
1 adstanding.com
rtb.adstanding.com — Cisco Umbrella Rank: 17843
360 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1385
650 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2303
555 B
1 rtb.mx
id.rtb.mx — Cisco Umbrella Rank: 4918
477 B
1 lockerdome.com
lockerdome.com — Cisco Umbrella Rank: 14624
342 B
1 iqzone.com
smartssp-us-east.iqzone.com — Cisco Umbrella Rank: 35383
cs.smartssp.iqzone.com Failed
249 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 3351
456 B
1 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 3475
3 KB
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 5654
285 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1173
337 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 24969
267 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 1480
569 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 8684
276 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2674
610 B
1 increaserev.com
increaserev.com — Cisco Umbrella Rank: 277359
193 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 988
481 B
1 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 25780
3 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 39298
2 KB
1 scribblestring.com
scribblestring.com — Cisco Umbrella Rank: 142278
4 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 3722
66 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 5818
175 KB
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 4954
44 KB
0 usbrowserspeed.com Failed
a.usbrowserspeed.com Failed
0 mdhv.io Failed
jelly.mdhv.io Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 adsymptotic.com Failed
p.adsymptotic.com Failed
1750 243
Domain Requested by
79 pixel.rubiconproject.com 37 redirects www.staradvertiser.com
ads.us.e-planning.net
eus.rubiconproject.com
63 events.qortex.ai tags.qortex.ai
d3plfjw9uod7ab.cloudfront.net
60 x.bidswitch.net 57 redirects ads.us.e-planning.net
www.staradvertiser.com
59 eb2.3lift.com 12 redirects www.staradvertiser.com
ads.us.e-planning.net
eb2.3lift.com
adclick.g.doubleclick.net
53 staradvertiser.wpenginepowered.com www.staradvertiser.com
staradvertiser.wpenginepowered.com
d3plfjw9uod7ab.cloudfront.net
50 eus.rubiconproject.com www.staradvertiser.com
d3lcz8vpax4lo2.cloudfront.net
eus.rubiconproject.com
cs-server-s2s.yellowblue.io
ex.ingage.tech
de.tynt.com
cs.seedtag.com
assets.a-mo.net
ads.us.e-planning.net
visitor.omnitagjs.com
s.amazon-adsystem.com
embed.sendtonews.com
sync.adkernel.com
rtb.gumgum.com
cs-tam.minutemedia-prebid.com
adclick.g.doubleclick.net
ch-match.taboola.com
sync.richaudience.com
50 cm.g.doubleclick.net 25 redirects www.staradvertiser.com
us-u.openx.net
sync.teads.tv
eb2.3lift.com
rtb.gumgum.com
bcp.crwdcntrl.net
googleads.g.doubleclick.net
ads.yieldmo.com
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
47 s.amazon-adsystem.com 2 redirects us-u.openx.net
ssum-sec.casalemedia.com
c.amazon-adsystem.com
www.staradvertiser.com
s.amazon-adsystem.com
ads.pubmatic.com
u.openx.net
match.sharethrough.com
bh.contextweb.com
ce.lijit.com
cs-tam.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
eb2.3lift.com
ssum.casalemedia.com
45 images.taboola.com www.staradvertiser.com
44 ssc-cms.33across.com 26 redirects d3lcz8vpax4lo2.cloudfront.net
de.tynt.com
cs.seedtag.com
www.staradvertiser.com
adclick.g.doubleclick.net
s.adtelligent.com
42 ib.adnxs.com 21 redirects d3plfjw9uod7ab.cloudfront.net
embed.sendtonews.com
acdn.adnxs.com
www.staradvertiser.com
adclick.g.doubleclick.net
eb2.3lift.com
u.openx.net
s.adtelligent.com
35 us-u.openx.net 7 redirects d3lcz8vpax4lo2.cloudfront.net
us-u.openx.net
de.tynt.com
u.openx.net
www.staradvertiser.com
digikulture-d.openx.net
34 u-iad04.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
sync.adkernel.com
33 token.rubiconproject.com 8 redirects eus.rubiconproject.com
www.staradvertiser.com
27 prebid.a-mo.net 2 redirects d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
www.staradvertiser.com
adclick.g.doubleclick.net
26 match.adsrvr.org 23 redirects d3plfjw9uod7ab.cloudfront.net
26 securepubads.g.doubleclick.net www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
travel.payvibe.com
securepubads.g.doubleclick.net
adclick.g.doubleclick.net
www.googletagmanager.com
77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com
www.googletagservices.com
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
25 sync.1rx.io 25 redirects
24 image8.pubmatic.com 13 redirects ads.pubmatic.com
www.staradvertiser.com
23 cs.minutemedia-prebid.com www.staradvertiser.com
cs-tam.minutemedia-prebid.com
eus.rubiconproject.com
23 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
23 ex.ingage.tech 5 redirects d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
cs-server-s2s.yellowblue.io
ssum-sec.casalemedia.com
www.staradvertiser.com
ads.pubmatic.com
23 s.seedtag.com d3plfjw9uod7ab.cloudfront.net
cs.seedtag.com
www.staradvertiser.com
ads.pubmatic.com
22 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
ads.us.e-planning.net
20 demand.qortex.ai d3plfjw9uod7ab.cloudfront.net
sync.adkernel.com
20 simage2.pubmatic.com 13 redirects www.staradvertiser.com
ads.pubmatic.com
20 secure-assets.rubiconproject.com 20 redirects
19 events-ssc.33across.com de.tynt.com
www.staradvertiser.com
us-u.openx.net
ads.pubmatic.com
19 i.liadm.com 15 redirects www.staradvertiser.com
ssum.casalemedia.com
bcp.crwdcntrl.net
19 pixel.tapad.com 12 redirects www.staradvertiser.com
u.openx.net
api.retargetly.com
ads.yieldmo.com
18 match.prod.bidr.io 16 redirects ads.yieldmo.com
ads.us.e-planning.net
16 ups.analytics.yahoo.com 13 redirects u.openx.net
assets.a-mo.net
eb2.3lift.com
16 id5-sync.com 11 redirects d3plfjw9uod7ab.cloudfront.net
adclick.g.doubleclick.net
cdn.id5-sync.com
15 b1sync.zemanta.com 15 redirects
15 sync.richaudience.com 5 redirects cs.seedtag.com
sync.richaudience.com
adclick.g.doubleclick.net
15 sync.srv.stackadapt.com 13 redirects eb2.3lift.com
15 cdn59755463.blazingcdn.net www.staradvertiser.com
15 secure.adnxs.com 15 redirects
15 ads.pubmatic.com www.staradvertiser.com
d3lcz8vpax4lo2.cloudfront.net
de.tynt.com
cs.seedtag.com
ads.us.e-planning.net
s.amazon-adsystem.com
rtb.gumgum.com
tags.qortex.ai
adclick.g.doubleclick.net
csync.smilewanted.com
14 visitor-us-east-2.omnitagjs.com visitor.omnitagjs.com
www.staradvertiser.com
de.tynt.com
14 visitor.omnitagjs.com 1 redirects cs.seedtag.com
visitor.omnitagjs.com
ssbsync.smartadserver.com
www.staradvertiser.com
14 pr-bh.ybp.yahoo.com 10 redirects us-u.openx.net
ssum.casalemedia.com
www.staradvertiser.com
ssum-sec.casalemedia.com
14 bh.contextweb.com 11 redirects s.amazon-adsystem.com
bh.contextweb.com
14 static.criteo.net d3lcz8vpax4lo2.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
adclick.g.doubleclick.net
ads.us.criteo.com
cdnjs.cloudflare.com
static.criteo.net
14 pagead2.googlesyndication.com imasdk.googleapis.com
77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.staradvertiser.com
www.googletagservices.com
tpc.googlesyndication.com
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
14 ap.lijit.com 10 redirects d3plfjw9uod7ab.cloudfront.net
visitor.omnitagjs.com
14 cdn.taboola.com www.staradvertiser.com
cdn.taboola.com
13 match.sharethrough.com 7 redirects www.staradvertiser.com
s.amazon-adsystem.com
match.sharethrough.com
13 sync.targeting.unrulymedia.com 10 redirects www.staradvertiser.com
digikulture-d.openx.net
u.openx.net
13 image2.pubmatic.com 10 redirects ads.pubmatic.com
13 d29xw9s9x32j3w.cloudfront.net www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
13 origami.secure.ownlocal.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
cdnjs.cloudflare.com
12 csync.smilewanted.com 1 redirects adclick.g.doubleclick.net
csync.smilewanted.com
ads.pubmatic.com
12 ce.lijit.com www.staradvertiser.com
s.amazon-adsystem.com
ce.lijit.com
12 onetag-sys.com 1 redirects cs-server-s2s.yellowblue.io
cs.seedtag.com
visitor.omnitagjs.com
s.amazon-adsystem.com
ads.us.e-planning.net
cs-tam.minutemedia-prebid.com
sync.adkernel.com
www.staradvertiser.com
12 cs-server-s2s.yellowblue.io d3lcz8vpax4lo2.cloudfront.net
cs-server-s2s.yellowblue.io
visitor.omnitagjs.com
s.amazon-adsystem.com
12 s2l.sendtonews.com d3plfjw9uod7ab.cloudfront.net
12 www.google-analytics.com www.googletagmanager.com
d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
www.google-analytics.com
12 www.google.com travel.payvibe.com
d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
12 event.insticator.com d3plfjw9uod7ab.cloudfront.net
11 tpc.googlesyndication.com 77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.staradvertiser.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
11 sync.crwdcntrl.net 2 redirects www.staradvertiser.com
ads.pubmatic.com
bcp.crwdcntrl.net
11 csync.loopme.me 10 redirects www.staradvertiser.com
11 ch-trc-events.taboola.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
11 ids.ad.gt 1 redirects www.staradvertiser.com
11 fonts.googleapis.com www.staradvertiser.com
travel.payvibe.com
d3plfjw9uod7ab.cloudfront.net
embed.sendtonews.com
client
origami.secure.ownlocal.com
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
9 sync.adtelligent.com adclick.g.doubleclick.net
de.tynt.com
s.adtelligent.com
ads.us.e-planning.net
9 sync.adkernel.com ads.us.e-planning.net
sync.adkernel.com
d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
9 pixel-sync.sitescout.com 9 redirects
9 um.simpli.fi 9 redirects
9 dis.criteo.com 9 redirects
9 sync.teads.tv 3 redirects d3plfjw9uod7ab.cloudfront.net
sync.teads.tv
api.retargetly.com
9 sync-tm.everesttech.net 8 redirects ads.pubmatic.com
9 fonts.gstatic.com fonts.googleapis.com
www.google.com
9 ssc.33across.com d3plfjw9uod7ab.cloudfront.net
adclick.g.doubleclick.net
9 cdnjs.cloudflare.com www.staradvertiser.com
origami.secure.ownlocal.com
cdn.cityspark.com
embed.sendtonews.com
ads.us.criteo.com
8 pixel-us-east.rubiconproject.com 8 redirects
8 sync.ipredictive.com 8 redirects
8 sync.e-planning.net ads.us.e-planning.net
eb2.3lift.com
rtb.gumgum.com
8 rtb.openx.net 6 redirects adclick.g.doubleclick.net
us-u.openx.net
8 image6.pubmatic.com 1 redirects ads.pubmatic.com
8 ads.yieldmo.com 3 redirects adclick.g.doubleclick.net
www.staradvertiser.com
ads.yieldmo.com
8 ssum-sec.casalemedia.com 4 redirects d3lcz8vpax4lo2.cloudfront.net
ssum.casalemedia.com
s.amazon-adsystem.com
8 u.openx.net 5 redirects s.amazon-adsystem.com
adclick.g.doubleclick.net
8 de.tynt.com 3 redirects d3lcz8vpax4lo2.cloudfront.net
visitor.omnitagjs.com
adclick.g.doubleclick.net
8 www.gstatic.com www.google.com
www.gstatic.com
8 sb.scorecardresearch.com 1 redirects www.staradvertiser.com
8 www.googletagmanager.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
www.googletagmanager.com
www.googleoptimize.com
adclick.g.doubleclick.net
8 use.fontawesome.com www.staradvertiser.com
use.fontawesome.com
d3plfjw9uod7ab.cloudfront.net
7 partner.mediawallahscript.com 6 redirects bcp.crwdcntrl.net
7 tags.crwdcntrl.net www.staradvertiser.com
s.e-planning.net
tags.crwdcntrl.net
7 a.tribalfusion.com 5 redirects googleads.g.doubleclick.net
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
7 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
www.staradvertiser.com
7 sync-dmp.mobtrakk.com 3 redirects www.staradvertiser.com
cs-tam.minutemedia-prebid.com
sync.adkernel.com
7 creativecdn.com 7 redirects
7 targeting.unrulymedia.com embed.sendtonews.com
adclick.g.doubleclick.net
7 u.4dex.io www.staradvertiser.com
ads.us.e-planning.net
ads.pubmatic.com
eb2.3lift.com
7 c1.adform.net 7 redirects
7 p.rfihub.com 7 redirects
7 ad.turn.com 7 redirects
7 lexicon.33across.com 1 redirects www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
cdn-ima.33across.com
adclick.g.doubleclick.net
embed.sendtonews.com
7 cdn.jsdelivr.net 2 redirects origami.secure.ownlocal.com
adclick.g.doubleclick.net
cdn.jsdelivr.net
7 v.clarity.ms d3plfjw9uod7ab.cloudfront.net
7 sync.go.sonobi.com 7 redirects www.staradvertiser.com
7 travel.payvibe.com www.staradvertiser.com
travel.payvibe.com
6 io.narrative.io 3 redirects www.staradvertiser.com
6 bcp.crwdcntrl.net api.retargetly.com
www.staradvertiser.com
tags.crwdcntrl.net
6 app.retargetly.com api.retargetly.com
6 storage.googleapis.com www.staradvertiser.com
6 csi.gstatic.com imasdk.googleapis.com
6 rtb.adentifi.com 5 redirects www.staradvertiser.com
6 cms.quantserve.com 6 redirects
6 sync.taboola.com ch-match.taboola.com
imprchmp.taboola.com
6 sync.smartadserver.com 6 redirects
6 pm.w55c.net 6 redirects
6 ssbsync.smartadserver.com 5 redirects visitor.omnitagjs.com
6 cs.yellowblue.io cs-server-s2s.yellowblue.io
www.staradvertiser.com
6 tags.qortex.ai embed.sendtonews.com
tags.qortex.ai
d3plfjw9uod7ab.cloudfront.net
6 api.payvibe.com travel.payvibe.com
6 dpm.demdex.net 3 redirects u.openx.net
bcp.crwdcntrl.net
www.staradvertiser.com
6 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
adclick.g.doubleclick.net
6 htlb.casalemedia.com d3plfjw9uod7ab.cloudfront.net
embed.sendtonews.com
adclick.g.doubleclick.net
5 d.turn.com 4 redirects www.staradvertiser.com
5 idsync.rlcdn.com 2 redirects u.openx.net
www.staradvertiser.com
5 s.ad.smaato.net 5 redirects
5 cm.adgrx.com 5 redirects
5 match.deepintent.com 4 redirects www.staradvertiser.com
5 id.a-mx.com 3 redirects www.staradvertiser.com
adclick.g.doubleclick.net
5 sync.mathtag.com 5 redirects
5 static.instiengage.com www.staradvertiser.com
5 cm.adform.net 5 redirects
5 rtb.mfadsrvr.com 5 redirects
5 s.cpx.to d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
5 dsum.casalemedia.com ssum-sec.casalemedia.com
ssum.casalemedia.com
5 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
5 secure.cdn.fastclick.net www.staradvertiser.com
secure.cdn.fastclick.net
5 api.assertcom.de d3plfjw9uod7ab.cloudfront.net
5 trc.taboola.com 1 redirects d3plfjw9uod7ab.cloudfront.net
ch-match.taboola.com
imprchmp.taboola.com
5 bidder.criteo.com d3plfjw9uod7ab.cloudfront.net
adclick.g.doubleclick.net
www.staradvertiser.com
5 embed.sendtonews.com 1 redirects www.staradvertiser.com
embed.sendtonews.com
d3plfjw9uod7ab.cloudfront.net
4 ice.360yield.com 2 redirects csync.smilewanted.com
www.staradvertiser.com
4 event.instiengage.com product.instiengage.com
4 a.audrte.com 3 redirects www.staradvertiser.com
4 pdp-service.retargetly.com 1 redirects ads.us.e-planning.net
pdp-cdn.retargetly.com
4 bpi.rtactivate.com us-u.openx.net
www.staradvertiser.com
ads.pubmatic.com
4 sid.storygize.net 4 redirects
4 s.company-target.com 4 redirects
4 tr.blismedia.com 2 redirects www.staradvertiser.com
digikulture-d.openx.net
4 ssp-sync.criteo.com www.staradvertiser.com
4 rtb.gumgum.com 1 redirects ads.us.e-planning.net
rtb.gumgum.com
4 beacon.lynx.cognitivlabs.com 3 redirects ads.pubmatic.com
4 api.retargetly.com 1 redirects s.e-planning.net
api.retargetly.com
4 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
4 id.rlcdn.com 2 redirects visitor.omnitagjs.com
us-u.openx.net
4 a.sportradarserving.com 4 redirects
4 s.e-planning.net ads.us.e-planning.net
4 aax.amazon-adsystem.com c.amazon-adsystem.com
4 hbopenbid.pubmatic.com embed.sendtonews.com
adclick.g.doubleclick.net
4 tlx.3lift.com embed.sendtonews.com
adclick.g.doubleclick.net
4 bttrack.com 4 redirects
4 contextual.media.net cs-server-s2s.yellowblue.io
digikulture-d.openx.net
u.openx.net
4 rsms.me origami.secure.ownlocal.com
rsms.me
4 unpkg.com origami.secure.ownlocal.com
4 www.googletagservices.com securepubads.g.doubleclick.net
77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com
www.staradvertiser.com
googleads.g.doubleclick.net
4 stats.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
4 imasdk.googleapis.com d3plfjw9uod7ab.cloudfront.net
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
4 jadserve.postrelease.com 1 redirects d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
4 cdn.confiant-integrations.net d3lcz8vpax4lo2.cloudfront.net
cdn.confiant-integrations.net
www.googletagmanager.com
4 jxgdqbxdiycfimegq.ay.delivery d3plfjw9uod7ab.cloudfront.net
4 analyticssystems.net www.staradvertiser.com
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
4 a.teads.tv www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
4 powerad.ai www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
4 d3lcz8vpax4lo2.cloudfront.net www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
4 use.typekit.net www.staradvertiser.com
use.typekit.net
d3plfjw9uod7ab.cloudfront.net
4 d3plfjw9uod7ab.cloudfront.net www.staradvertiser.com
securepubads.g.doubleclick.net
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
4 www.staradvertiser.com d3plfjw9uod7ab.cloudfront.net
3 csm.us.criteo.net ads.us.criteo.com
3 i.w55c.net 3 redirects
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 ps.eyeota.net 2 redirects www.staradvertiser.com
3 px.owneriq.net 3 redirects
3 tg.socdm.com 3 redirects
3 simage4.pubmatic.com ads.pubmatic.com
3 ads.creative-serving.com 3 redirects
3 pixel-eu.rubiconproject.com 3 redirects
3 us-central1-kube-ownlocal.cloudfunctions.net www.staradvertiser.com
3 ads.betweendigital.com 3 redirects
3 cm-x.mgid.com 3 redirects
3 ssp.disqus.com 3 redirects
3 pixel.sitescout.com 3 redirects
3 cs.media.net 3 redirects
3 t.adx.opera.com 3 redirects
3 r.bidswitch.net 3 redirects
3 csync.smartadserver.com cs.seedtag.com
csync.smartadserver.com
3 aa.agkn.com sync.teads.tv
us-u.openx.net
www.staradvertiser.com
3 tags.bluekai.com sync.teads.tv
bcp.crwdcntrl.net
cti.w55c.net
3 ads.us.e-planning.net 1 redirects www.staradvertiser.com
s.adtelligent.com
3 33across-match.dotomi.com 3 redirects
3 hb.undertone.com embed.sendtonews.com
3 prebid-server.rubiconproject.com embed.sendtonews.com
3 p2.gcprivacy.com adclick.g.doubleclick.net
p.gcprivacy.com
www.staradvertiser.com
3 lb.eu-1-id5-sync.com d3plfjw9uod7ab.cloudfront.net
adclick.g.doubleclick.net
cdn.id5-sync.com
3 ads.stickyadstv.com 3 redirects
3 sync.colossusssp.com 3 redirects
3 pubads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
imasdk.googleapis.com
3 cdn.hadronid.net a.ad.gt
www.staradvertiser.com
3 gum.criteo.com 1 redirects cdn.taboola.com
3 ping.chartbeat.net www.staradvertiser.com
3 cdn-ima.33across.com d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
3 js-sec.indexww.com d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
adclick.g.doubleclick.net
3 api.btloader.com d3plfjw9uod7ab.cloudfront.net
3 cdn.polyfill.io travel.payvibe.com
origami.secure.ownlocal.com
3 fastlane.rubiconproject.com d3plfjw9uod7ab.cloudfront.net
adclick.g.doubleclick.net
3 hb.minutemedia-prebid.com d3plfjw9uod7ab.cloudfront.net
adclick.g.doubleclick.net
3 apex.go.sonobi.com d3plfjw9uod7ab.cloudfront.net
3 knottyswing.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
3 sa-media.s3.us-east-1.amazonaws.com www.staradvertiser.com
2 r3---sn-q4fzen7e.c.2mdn.net www.staradvertiser.com
2 us.creativecdn.com 2 redirects
2 oxp.mxptint.net 2 redirects
2 eu-u.openx.net 1 redirects u.openx.net
2 cti.w55c.net eus.rubiconproject.com
cti.w55c.net
2 cs.krushmedia.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects www.staradvertiser.com
2 cs.admanmedia.com 2 redirects
2 cms.analytics.yahoo.com 2 redirects
2 thrtle.com 1 redirects www.staradvertiser.com
2 77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 um4.eqads.com 2 redirects
2 aggle.net p.gcprivacy.com
aggle.net
2 cm.smadex.com 2 redirects
2 pool.admedo.com 2 redirects
2 crb.kargo.com www.staradvertiser.com
2 at.teads.tv adclick.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
2 mug.criteo.com www.staradvertiser.com
2 trace.mediago.io 2 redirects
2 pmp.mxptint.net 1 redirects www.staradvertiser.com
2 ums.acuityplatform.com 2 redirects
2 s.tribalfusion.com ads.pubmatic.com
www.staradvertiser.com
2 static.anonymised.io www.googletagmanager.com
static.anonymised.io
2 sync.intentiq.com 1 redirects eus.rubiconproject.com
2 capi.connatix.com 1 redirects www.staradvertiser.com
2 px.ads.linkedin.com www.staradvertiser.com
eb2.3lift.com
2 x.dlx.addthis.com 1 redirects ssum.casalemedia.com
2 d.adroll.com ssum.casalemedia.com
ssum-sec.casalemedia.com
2 image4.pubmatic.com 1 redirects www.staradvertiser.com
2 match.adsby.bidtheatre.com 2 redirects
2 inv-nets.admixer.net 2 redirects
2 sync.adotmob.com 2 redirects
2 gw-iad-bid.ymmobi.com 2 redirects
2 cookies.nextmillmedia.com 2 redirects
2 rtb.om-meta.com 2 redirects
2 prebid-match.dotomi.com 2 redirects
2 sync.admanmedia.com ads.us.e-planning.net
2 sync.springserve.com sync.teads.tv
ce.lijit.com
2 loadm.exelator.com 2 redirects
2 ch-match.taboola.com d3plfjw9uod7ab.cloudfront.net
2 api.fouanalytics.com tags.qortex.ai
www.staradvertiser.com
2 dmp.brand-display.com 2 redirects
2 live.rezync.com 2 redirects
2 id.hadron.ad.gt d3plfjw9uod7ab.cloudfront.net
2 acdn.adnxs.com d3lcz8vpax4lo2.cloudfront.net
adclick.g.doubleclick.net
2 config.aps.amazon-adsystem.com c.amazon-adsystem.com
2 api.rlcdn.com d3plfjw9uod7ab.cloudfront.net
2 cdn.materialdesignicons.com 2 redirects
2 snowplow.ownlocal.com www.staradvertiser.com
2 t.teads.tv www.staradvertiser.com
2 www.i.matheranalytics.com www.staradvertiser.com
2 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
2 ad-delivery.net www.staradvertiser.com
2 hb.brainlyads.com powerad.ai
www.staradvertiser.com
2 a.ad.gt d3plfjw9uod7ab.cloudfront.net
2 hb.yellowblue.io d3plfjw9uod7ab.cloudfront.net
2 insticator-d.openx.net d3plfjw9uod7ab.cloudfront.net
2 adx2.adform.net d3plfjw9uod7ab.cloudfront.net
2 web.hb.ad.cpe.dotomi.com d3plfjw9uod7ab.cloudfront.net
2 mp.4dex.io d3plfjw9uod7ab.cloudfront.net
2 reporting.powerad.ai d3plfjw9uod7ab.cloudfront.net
2 script.4dex.io d3lcz8vpax4lo2.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
2 cdn-p.cityspark.com d3plfjw9uod7ab.cloudfront.net
2 js.matheranalytics.com 1 redirects www.staradvertiser.com
2 auth.instiengage.com d3plfjw9uod7ab.cloudfront.net
auth.instiengage.com
2 geoip.instiengage.com d3plfjw9uod7ab.cloudfront.net
product.instiengage.com
2 www.clarity.ms www.staradvertiser.com
www.clarity.ms
2 p.typekit.net use.typekit.net
client
2 polyfill.io www.staradvertiser.com
2 product.instiengage.com www.staradvertiser.com
d3lcz8vpax4lo2.cloudfront.net
2 static.chartbeat.com www.staradvertiser.com
2 maxcdn.bootstrapcdn.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
1 event.hgrtb.com 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 gcdn.2mdn.net 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 protected-by.clarium.io 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
1 sync.lunamedia.live csync.smilewanted.com
1 vid.vidoomy.com s.adtelligent.com
1 a4p.adpartner.pro 1 redirects
1 us.shb-sync.com 1 redirects
1 usync.vrtcal.com www.staradvertiser.com
1 s.adtelligent.com adclick.g.doubleclick.net
1 dis.eu.criteo.com 1 redirects
1 track.adform.net sync.richaudience.com
1 static.smilewanted.com csync.smilewanted.com
1 cs.mobfox.com 1 redirects
1 pxl.iqm.com 1 redirects
1 sync-t1.taboola.com ch-match.taboola.com
1 triplelift-match.dotomi.com 1 redirects
1 c.bing.com eb2.3lift.com
1 openx2-match.dotomi.com 1 redirects
1 hbx.media.net 1 redirects
1 digikulture-d.openx.net adclick.g.doubleclick.net
1 prebid.adnxs.com adclick.g.doubleclick.net
1 imageproxy.us.criteo.net ads.us.criteo.com
1 cat.va.us.criteo.com ads.us.criteo.com
1 rtb.va.us.criteo.com googleads.g.doubleclick.net
1 gtrace.mediago.io 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 ads.us.criteo.com googleads.g.doubleclick.net
1 tags.w55c.net cti.w55c.net
1 rcp.c.appier.net 1 redirects
1 www.tumblr.com eus.rubiconproject.com
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 dmp.adform.net 1 redirects
1 pixel.quantserve.com www.staradvertiser.com
1 i6.liadm.com www.staradvertiser.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 amazon-tam-match.dotomi.com 1 redirects
1 idsyncmxedge.com api.retargetly.com
1 cs-tam.minutemedia-prebid.com s.amazon-adsystem.com
1 synchroscript.deliveryengine.adswizz.com www.staradvertiser.com
1 retargetly-match.dotomi.com 1 redirects
1 sync.bfmio.com www.staradvertiser.com
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 data.adsrvr.org 1 redirects
1 pulsepoint-match.dotomi.com 1 redirects
1 americanhometownmedia.com www.googletagmanager.com
1 pdp-cdn.retargetly.com api.retargetly.com
1 aorta.clickagy.com 1 redirects
1 idpix.media6degrees.com 1 redirects
1 stags.bluekai.com us-u.openx.net
1 rules.quantcount.com secure.quantserve.com
1 cms-xch-chicago.33across.com de.tynt.com
1 rubiconcm.digitaleast.mobi 1 redirects
1 sync.ex.co www.staradvertiser.com
1 match.sync.ad.cpe.dotomi.com www.staradvertiser.com
1 e.serverbid.com www.staradvertiser.com
1 rbp.mxptint.net 1 redirects
1 usr.undertone.com www.staradvertiser.com
1 prebid-s2s.media.net www.staradvertiser.com
1 dsp.adfarm1.adition.com 1 redirects
1 sync.aniview.com www.staradvertiser.com
1 rubicon-match.dotomi.com 1 redirects
1 sync.outbrain.com www.staradvertiser.com
1 idx.liadm.com adclick.g.doubleclick.net
1 cdn.id5-sync.com www.staradvertiser.com
1 pubmatic-match.dotomi.com 1 redirects
1 us01.z.antigena.com www.staradvertiser.com
1 gocm.c.appier.net 1 redirects
1 sync.aralego.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 secure.quantserve.com www.googletagmanager.com
1 exchange.mediavine.com www.staradvertiser.com
1 s2s.t13.io www.staradvertiser.com
1 rtb.adstanding.com 1 redirects
1 hb.yahoo.net www.staradvertiser.com
1 sync1.intentiq.com www.staradvertiser.com
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com www.staradvertiser.com
1 casale-match.dotomi.com 1 redirects
1 p.gcprivacy.com adclick.g.doubleclick.net
1 fid.agkn.com adclick.g.doubleclick.net
1 id.rtb.mx assets.a-mo.net
1 pixel-us-west.rubiconproject.com 1 redirects
1 lockerdome.com adclick.g.doubleclick.net
1 smartssp-us-east.iqzone.com adclick.g.doubleclick.net
1 ghb.adtelligent.com adclick.g.doubleclick.net
1 prebid.smilewanted.com adclick.g.doubleclick.net
1 shb.richaudience.com adclick.g.doubleclick.net
1 grid.bidswitch.net adclick.g.doubleclick.net
1 cds.taboola.com d3plfjw9uod7ab.cloudfront.net
1 ow.pubmatic.com www.staradvertiser.com
1 c3.a-mo.net 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 ced-ns.sascdn.com csync.smartadserver.com
1 pips.taboola.com d3plfjw9uod7ab.cloudfront.net
1 cms.instiengage.com product.instiengage.com
1 event.clientgear.com 1 redirects
1 ad.360yield.com cs.seedtag.com
1 beacon.krxd.net sync.teads.tv
1 load77.exelator.com sync.teads.tv
1 ch-vid-events.taboola.com www.staradvertiser.com
1 imprchmp.taboola.com d3plfjw9uod7ab.cloudfront.net
1 cloudflare.com adclick.g.doubleclick.net
1 cat.hbwrapper.com adclick.g.doubleclick.net
1 pixels.ad.gt d3plfjw9uod7ab.cloudfront.net
1 pippio.com ssum-sec.casalemedia.com
1 cs.seedtag.com d3lcz8vpax4lo2.cloudfront.net
1 id.crwdcntrl.net d3plfjw9uod7ab.cloudfront.net
1 s0.2mdn.net imasdk.googleapis.com
1 id.sv.rkdms.com d3plfjw9uod7ab.cloudfront.net
1 player.sendtonews.com embed.sendtonews.com
1 vidstat.taboola.com d3plfjw9uod7ab.cloudfront.net
1 cdn.firstimpression.io d3plfjw9uod7ab.cloudfront.net
1 geo.privacymanager.io d3plfjw9uod7ab.cloudfront.net
1 trc-events.taboola.com d3plfjw9uod7ab.cloudfront.net
1 increaserev.com www.staradvertiser.com
1 adclick.g.doubleclick.net 1 redirects
1 p.ad.gt a.ad.gt
1 widgets.outbrain.com www.staradvertiser.com
1 analytics.google.com d3plfjw9uod7ab.cloudfront.net
1 ad.doubleclick.net www.staradvertiser.com
1 static.adsafeprotected.com www.staradvertiser.com
1 trk.kissmetrics.io d3plfjw9uod7ab.cloudfront.net
1 ats.rlcdn.com d3plfjw9uod7ab.cloudfront.net
1 p.cpx.to d3plfjw9uod7ab.cloudfront.net
1 pixel.zprk.io d3plfjw9uod7ab.cloudfront.net
1 ecdn.firstimpression.io d3plfjw9uod7ab.cloudfront.net
1 ecdn.analysis.fi d3plfjw9uod7ab.cloudfront.net
1 mab.chartbeat.com d3plfjw9uod7ab.cloudfront.net
1 aamcf.aamsitecertifier.com www.staradvertiser.com
1 geoip.insticator.com d3plfjw9uod7ab.cloudfront.net
1 btloader.com d3plfjw9uod7ab.cloudfront.net
1 scripts.kissmetrics.io www.staradvertiser.com
1 i.kissmetrics.io www.staradvertiser.com
1 scribblestring.com www.staradvertiser.com
1 aamcftag.aamsitecertifier.com www.staradvertiser.com
1 sa-media.s3.amazonaws.com www.staradvertiser.com
1 cdn.cityspark.com www.staradvertiser.com
1 embedcdn.sendtonews.com www.staradvertiser.com
1 www.googleoptimize.com www.staradvertiser.com
1 s.ntv.io www.staradvertiser.com
1 content.jwplatform.com www.staradvertiser.com
1 ajax.googleapis.com www.staradvertiser.com
0 cs.smartssp.iqzone.com Failed adclick.g.doubleclick.net
0 a.usbrowserspeed.com Failed aggle.net
0 serverf5.idsyncmxedge.com Failed api.retargetly.com
0 jelly.mdhv.io Failed ssum-sec.casalemedia.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 p.adsymptotic.com Failed sync.teads.tv
1750 444
Subject Issuer Validity Valid
*.staradvertiser.com
Go Daddy Secure Certificate Authority - G2		 2023-01-28 -
2024-02-29		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
wpenginepowered.com
E1		 2023-11-28 -
2024-02-26		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2024-10-21		 a year crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2023-05-09 -
2024-05-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
powerad.ai
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2023-12-22 -
2024-01-21		 a month crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-10		 9 months crt.sh
widget.secure.ownlocal.com
GTS CA 1D4		 2023-12-05 -
2024-03-04		 3 months crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-24 -
2024-08-23		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
analyticssystems.net
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
*.aamsitecertifier.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
knottyswing.com
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
scribblestring.com
R3		 2023-10-27 -
2024-01-25		 3 months crt.sh
*.kissmetrics.io
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2024-11-09		 a year crt.sh
sendtonews.com
Amazon RSA 2048 M02		 2023-10-22 -
2024-11-19		 a year crt.sh
*.payvibe.com
Amazon RSA 2048 M01		 2023-09-27 -
2024-10-24		 a year crt.sh
cdn-p.cityspark.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
btloader.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
ay.delivery
GTS CA 1P5		 2023-12-26 -
2024-03-25		 3 months crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2023-08-28 -
2024-08-28		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.powerad.ai
Go Daddy Secure Certificate Authority - G2		 2023-08-13 -
2024-09-13		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2023-07-28 -
2024-08-11		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2023-12-25 -
2024-03-24		 3 months crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M02		 2023-04-09 -
2024-05-07		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
analysis.fi
Amazon RSA 2048 M01		 2023-10-04 -
2024-10-31		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2023-11-28 -
2024-12-05		 a year crt.sh
*.zprk.io
Amazon RSA 2048 M03		 2023-09-19 -
2024-10-17		 a year crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
hb.brainlyads.com
Go Daddy Secure Certificate Authority - G2		 2023-11-24 -
2024-12-25		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.sendtonews.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-14		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
api.assertcom.de
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
snowplow.ownlocal.com
GTS CA 1D4		 2023-11-25 -
2024-02-23		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.blazingcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-07-05 -
2024-08-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
rsms.me
E1		 2023-12-29 -
2024-03-28		 3 months crt.sh
qortex.ai
GTS CA 1P5		 2023-12-20 -
2024-03-19		 3 months crt.sh
rkdms.com
Amazon RSA 2048 M03		 2023-10-04 -
2024-11-01		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-17		 a year crt.sh
fouanalytics.com
E1		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
cat.hbwrapper.com
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2023-12-01 -
2024-02-29		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.gcprivacy.com
Amazon RSA 2048 M03		 2023-11-03 -
2024-12-01		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
ads.us.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-02 -
2024-08-04		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-13		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-08-14 -
2024-09-12		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-28 -
2024-02-26		 3 months crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2		 2023-04-05 -
2024-05-06		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2023-09-27 -
2024-10-28		 a year crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-12 -
2024-11-10		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-06		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
anonymised.io
GTS CA 1D4		 2023-11-18 -
2024-02-16		 3 months crt.sh
*.retargetly.com
R3		 2023-12-21 -
2024-03-20		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-12-19 -
2024-03-18		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-12-22 -
2024-03-21		 3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-05-14 -
2024-06-14		 a year crt.sh
aggle.net
Amazon RSA 2048 M01		 2023-07-30 -
2024-08-27		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
idsyncmxedge.com
Amazon RSA 2048 M03		 2023-11-13 -
2024-12-10		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.w55c.net
Amazon RSA 2048 M02		 2023-05-29 -
2024-06-25		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-10 -
2024-02-03		 3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-25 -
2024-02-22		 3 months crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-22		 3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2023-05-31 -
2024-06-30		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03		 2023-09-09 -
2024-10-07		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-23 -
2024-02-21		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
*.lunamedia.live
AlphaSSL CA - SHA256 - G4		 2023-06-05 -
2024-07-06		 a year crt.sh
protected-by.clarium.io
Amazon RSA 2048 M03		 2023-11-16 -
2024-12-15		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-12-12 -
2024-02-20		 2 months crt.sh
*.turn.com
RapidSSL TLS RSA CA G1		 2023-03-22 -
2024-03-31		 a year crt.sh

This page contains 232 frames:

Primary Page: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Frame ID: A0DFA89ADD916B106C800E9ADC5799CE
Requests: 513 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 4606210BC7C6996FC216F6A7B2550878
Requests: 2 HTTP requests in this frame

Frame: https://travel.payvibe.com/affiliate/hotdealshawaii
Frame ID: 0EEEEE17FB8D98168CD22C9280B123F0
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: D13ADBA54092480EE1961CC10FECCE73
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: E6AF727220469797C066EED486368FAE
Requests: 1 HTTP requests in this frame

Frame: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8CC29557E16B8A36C1D27449E201169
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 2894B92B0FAF285F6FEF8FABA1A82C4B
Requests: 46 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: F936A49F2FA92CEE233E6BD6B1A3AD82
Requests: 84 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Frame ID: 238D6950A145821F56D02F1C2117BE99
Requests: 19 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Frame ID: E3ADBE8DBFCE87746999CD4B36DCB5EB
Requests: 18 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 2E5E6C97B39E79901FC42264802CDD5D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 26E37459B51CB9B58E4579658B3FC327
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: 0C9EA9CC0188C98ECDB98262B977AE56
Requests: 20 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/unruly/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Frame ID: 0C401DB64D7B726321929C85CFE89CE7
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: AE0A13054FAB287178CFA460FC0DCD25
Requests: 5 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Frame ID: F81BD5E030D1AFA87DBFC181DF064C77
Requests: 16 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/openx/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=45e60238-042b-420a-af51-f1abce306690
Frame ID: 63B5F29D0460275CADE1205FD71585BE
Requests: 1 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Frame ID: ABC5D4466546058410C96A6734C2800F
Requests: 17 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: CDB8FE6B39FDE3EA62CB6559F7D68CFD
Requests: 5 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/sharethrough/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=c73598e4-19af-4225-ad41-0db5af961cdf
Frame ID: 726906EE62B402440DEFFF6B82EB33C4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: 0868117B3656CE6B26555452B08C7FEC
Requests: 21 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ap8uL8Rtmr6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: C79158378CB060A23CA3B8A1333D956E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 012D44D82D894A2292FA2448EA479152
Requests: 2 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/loopme/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=d08b0939-e7dd-47e1-a1ce-13919d351d77
Frame ID: 78026D1FB7214168D5F72E2A82110946
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CtABShZ3d3cuc3RhcmFkdmVydGlzZXIuY29tUgthYXMtNjQ1NzE1N1oIcGJhMS4zLjJqFnd3dy5zdGFyYWR2ZXJ0aXNlci5jb236AQY3LjQyLjDoAgGIA7q23awGqAM66gMkNTk5MjZhNGEtNDI3Ni00MjJhLWE4NGUtMzYwMjUwODQ1ZjliqgQDRENIsgUDVVNE0gUJMTA1MTk5Mzg42AUB4AUB6gUHZGVza3RvcPoFA255NaoHA3dlYsoHEnN0YXJhZHZlcnRpc2VyLmNvbeAHAQ
Frame ID: B7FBFC485644703176A424CFD7609513
Requests: 18 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E0350B865FBCC379BD4B0F7AD48F892C
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Frame ID: D9E5DA95965EE52529976BE518651304
Requests: 12 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Frame ID: D939BE6A4A1B13B36F2F5E757AEC1D23
Requests: 7 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D33XUSERID33X
Frame ID: 4D37CBF5DA7C60A3313BB147A9768656
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 54D8EC6F2A38A434254C9ED98FD7995E
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Frame ID: 3ADB2E4A2A71346C53ED7B9FD5212A97
Requests: 24 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/sonobi/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=770043a8-af77-46db-9a99-c38ce904d888
Frame ID: D29D11A1D2AD83CDAE0F9F06D75BFCA5
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: A7BA1BDACB39D01C0968E8F847CC41E6
Requests: 5 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/colossus/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=1e2c6b9b-b313-4977-8d47-506b6f116205
Frame ID: 7E92FF2E962B13F538623EE9C6DF94DB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Frame ID: 39BBBD36E8279F8879703543BE842BA6
Requests: 10 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/sovrn/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=H8B4hBZHEQ_m7NwFTi24NL7-
Frame ID: F75396F2C80817F51E0861F0C497954A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 0EBA54F5D3202D0FDB136633AEC49ECF
Requests: 6 HTTP requests in this frame

Frame: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Frame ID: 0927D280141C9B8A22652821C381132A
Requests: 10 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Frame ID: 197CA8EEB4CAEF1F5389DDB8C42E601F
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: 8530142449D939D5449D8622E734DA3F
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 9CBF15B56E27E594BFE6C500A8680AE0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=x9nb1jn75hou
Frame ID: FE25F0EE58CAAFC0F4F89C1A34645F82
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c8pisbjflbue
Frame ID: E5BBB92588D2A35F7A1B0565F618029D
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: FFC3BBE96E35432C71A80DE13A7A334B
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 94476DB082442180DC26F27D8D9C3CBE
Requests: 6 HTTP requests in this frame

Frame: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&cmcv=&pix=undefined&cb=1704418113878&uv=3372&tms=1704418113878&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=b923bad7-0a49-4582-832d-e090712b6e15&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: F95A7598FF572BC2BF1885EC0882283F
Requests: 4 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 499F73577079786BC32A0F84C79FFC56
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 124BC8617ACF7C7AA7002304AAB411DF
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: D868E286D1F698375E30A123854030D0
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: E482DA00E9D75DE466CCA5C0F5335C66
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 8C23077E80BF25A7F359787C60403D6C
Requests: 6 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: CF7617E0CA1A81A8C2E553D7036F8F6F
Requests: 27 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: 484B972640A6FAA8A515448BB7C2F9A5
Requests: 4 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: E83FB5CDB373B94778909E3F407AF9E7
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: A54C6E7439A248079B27608318F5CCBF
Requests: 7 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704418114850&pubconsent=&euconsent=&hasConsent=1&rd=1
Frame ID: 5F9179B0BC82A2F509D726C471870574
Requests: 5 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Frame ID: 6CB1C013C30624549638FE22F5B16253
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Frame ID: D4256E4AF8EEDA643998411417CEBAB0
Requests: 22 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: EBD157E107231307C891B5EF9702462E
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
Frame ID: 30D9770CF599A3DAC1A71BE64FCA459F
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=K5XH98XlPE9c&ev=1&us_privacy=&pid=562983
Frame ID: F9E12A5D4D752DF8C993DE8C87B2DB31
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Frame ID: 420CFA5FDBFA90FFD5711B682AF66B00
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain
Frame ID: 256CFFA92B56F015086C1E2E8DBCE469
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Frame ID: A7396449A9E3AA5FC50CAA718871E8EC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: BA4E95604D400E44A3C5FBE48F7CB419
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D486214773fce3e9d%26uid%3D
Frame ID: 25062974D4F35BF7758C52247A1F9BDA
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D486214773fce3e9d%26uid%3D
Frame ID: 81DE6D7DF2D79DBE170DBDCE006CAD9D
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: E8A1E5FEC7C05CA751398E7B3EAA0E60
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 58FA487E6352FACD02D35FE789D3F607
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: E96A4C1F0B7CF10BDC55A0039B1116B1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 2EE5B35C8930BEACA2F4AB12D5E73D09
Requests: 9 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Frame ID: DDE07FA7D717946D0517527A80D9971A
Requests: 7 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: E1792EFE1D06DF2DBB8CBD41919B753A
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=A0864502-06A0-4ED8-A79E-7CD263E71299&redir=true&gdpr=0&gdpr_consent=
Frame ID: 9D6341141C284CE51FBDC494EFF9C627
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: A3635F4D901DE50C6CB0C7E927773E21
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: A59D8D3ACD07D845581E3938A65B7901
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 1E4E10EC35485686A85113CA5FDF7499
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 252A4363D03F2B06F03D2538F69B51F7
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 838F5C28DEB821C0F1C7F557BC92BF9F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AagteAL_IHkaqSR2B6o5LFX4ISkarXUsVazYg6Tx
Frame ID: AF0E1A6920086BF4EAA84C44528120BE
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: ED87B0C711BD73BCECB577D5B96C8A2E
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: CB84A5E51CB2C4FB158A93D4BBB3268C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 2D962B3485D4348A8860F698A9E37D87
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: BCCCD172EF12D986D382C87510863069
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1813050728247349171
Frame ID: 0681429A822AD782216913A622716EE2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7F0462F50AEAC4672FEC566C4C61F9AA
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 737BC17D9223121DCAEE3F86D203694C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6f38051ae3b444a4aea786afd04874f0
Frame ID: FA3721A32622A9F0314EF1BA938050CF
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 11DD503D0DE74AB17FF365B6C71BEA7B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 14236AE5CBBFE0834D508733BB09B2CF
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: C716CB3E20E99B547DF64805E84475FD
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 4616F961F3DA7A8072452043F70C6E2F
Requests: 1 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/pubmatic/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: 24B2EEC479D19484E24A055339E03CAF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 14E01CF8322553A9A92F90B8EF5860DB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Frame ID: B216141E1D35461DD16E9B268060127B
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: B73CC505C7F8EE0AE8558E7BE89455A7
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 7C61C45B63D63EA2DB591A6D4E561CCD
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 97118B334DF236D1B78E8EFA35E82515
Requests: 7 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 712CEC66F1978E68EFF59391DE04B345
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: DB5D9F3C3C0372B5FAFDB26ACF1B073F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 74EBC3FF5AC61FFC62481367737807DE
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_pm-db5_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain
Frame ID: B9CAD9EF57147879AB34108724C1F87E
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?uid=A2580877537250048855&dc=eba3ecb667ab30ab&fi=486214773fce3e9d
Frame ID: 40124C4FE9E68FF899982DD9726506EF
Requests: 4 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&uid=AN1gKFZr0esrL-Et
Frame ID: 0816DAA001CCE7C6B6E1E34D7E309892
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: B5B7821B040978360CD5B33383354E5D
Requests: 12 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: 64AFE49FFC371D3C385C2C8B96BC07E7
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 3282A63AC4687D7E3A82304DBFCE38AA
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: 1E7F93C6748762B9DF50CC053EFF25D1
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2687056411155449827788
Frame ID: 3A7C64E847CD90CDACA0DA6A9AC26073
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=08086e4a-a446-4039-9081-3354ed5f7a34&expiration=1712280520
Frame ID: 67BA8BF6A072DE48276F7DEC720E9661
Requests: 1 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Frame ID: 6E62425C51086098941EB3B08045EB80
Requests: 13 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 8C122987AE32C9E06F93DCC307A6B2E8
Requests: 10 HTTP requests in this frame

Frame: https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FD0083F28C22B14BEE228A6D13212EBC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adkernel
Frame ID: 9658BD6C85A908439E7A3E79ABC3677A
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=5394353749448417114&gdpr=&gdpr_consent=
Frame ID: 38406A38BBCF392247D64B9907514C9A
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84YTBmODIzNy1jZDAzLTQ4ZjItYjQ4OC00Y2E1M2ZmYjU4ZmQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: B8DB11D4AA87E9B6395A9EF8F8A03E2E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 8D44F69E336D79F68C0DF5F46651D4F7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=736096f3-a33b-4e74-a900-147a47dba0f3
Frame ID: 42FC8C0B0414E73E69977D16A08A6D3F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZdbScCo8YIAALvpxfgAAAAA
Frame ID: 3D60266C56E2783F8CA0E16BD98E4E85
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=gumgum
Frame ID: 1773C934DF4F9737699A852E4F9E88E3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 925415104C0BF1BA5BDA675056EC4299
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Frame ID: 13147B092CBEF24A6584A7E1A767853F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f7716597-5b45-4000-9fa2-5f3c3f74983b&gdpr=0&gdpr_consent=
Frame ID: 499F5E2698D00333FF07A4379CAC7201
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 7952BFCCB86A6723EB577C98EB876B28
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: DD4B6CC8B415CC8A553026F7BA8B8895
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 765D9DBC757A3A5C1A7D1F778B08990A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7577045212095128841
Frame ID: E9FDE44012417CCC781635D0DAC357CF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A0A7D3915CF44960ACE5E888F4B75986&gdpr=0&gdpr_consent=
Frame ID: 74F5D862D957B5E18D10D124A04B1D27
Requests: 1 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/pubmatic/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: CF40C50C59850746373CE1D33F7EE02D
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: D036BFA55E0F5125E9900E8D05BC95CB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 77858EE3CA96BF3A1128E8845EEA9C64
Requests: 10 HTTP requests in this frame

Frame: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Frame ID: BAB2C7BF8D2A4186EAA39B563EA04614
Requests: 24 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: 7B3A42F6FDBEF1E6603FE0651A979930
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: 1BA5247F1F109A1521DBC244B75A833F
Requests: 1 HTTP requests in this frame

Frame: https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1819BEE0928B98FF211990D885DD723F
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504522
Frame ID: C565494159D6328012420EA7BCCB3588
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7386633197929965226&ex=appnexus.com
Frame ID: A41AD9F0F5D1FFC82818BC712A67C4DA
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: 3F4A046BF1EECF6D2ADA75BA2554EBC8
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: E61A9E4120691CA07E6AAD12DA382284
Requests: 3 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: DC1092E10735DD097E4810D9C5073B72
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: BA6C10FDA303DAD3511C138669094B0C
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: 10E8EB2CBEDEDB28C8316842BC9EAEA3
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=486214773fce3e9d&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: 78D324D42A37124516DA3B8F7C088154
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=486214773fce3e9d&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: B3A39654769E8462C7D334F069E196B0
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2687056411155449827788
Frame ID: 263822DA9FEC8DE866FF7FF9DE8200E7
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: BA89D65FD5974FB43286F5C34B532AE4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 57E2E672E774FFA9E5135094DB0EF747
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: F97B91ACE01057C3C95DA5A7520F3198
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: 3D186FE252C5927560248C520BB21F89
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: FD21E9DDE5A009146B4AF54A711D8611
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: C6452A3A6582875BDBB6C49737DE10A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/zrt_lookup_fy2021.html
Frame ID: B283B0D9B3E90B3F9950F54A155D8461
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: 8DDB7E2FECEE33DC16AC89433B61178C
Requests: 1 HTTP requests in this frame

Frame: https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0&us_privacy=1---
Frame ID: 7BAA0A04468FF2A40FCC758077967557
Requests: 4 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: E79EA861E6A581E03181FAA7F70F489B
Requests: 1 HTTP requests in this frame

Frame: https://demand.qortex.ai/sync?akuid=https://www.staradvertiser.com|A2580877537250048855
Frame ID: 4C91D1983592B9F66648C4230561BC02
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Frame ID: C6370890A42A12CCEE1C96D196DC47C4
Requests: 9 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: 420769F80923DEA211FBA1A1574648E0
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: C9D093F36AD72CE3BC92B357C56B8BD9
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: CF6CEE9CAF2930C6649989499800BA3F
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: BF154AD5CF984897D1548A4649C6E5B0
Requests: 1 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 324711EDF833AC5F5905540C59A94CE3
Requests: 8 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C54%2C7%2C3&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: C31507C41568128E26C907C9F0C358D7
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CBC52E6DBD1FD04C2F520AB14172188A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9721818B640341EFF5225CC25B58382D
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=24138
Frame ID: 3AE8DCB9625E906B4A6F86FB9EDB537D
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=79867bec466cc91
Frame ID: 4654A0FB973E2F7C2A2E860625901555
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Frame ID: A1B496B00C88FBFFCEAAF1FE61C5F6F1
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D2FE08B918F0FFED184DAB78820C2895
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: F3E8BBC94BBDCAFA0EFCDC879CBFE030
Requests: 8 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: D95334D4A21D42036EDA7032E301A3C4
Requests: 1 HTTP requests in this frame

Frame: https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: E25FB46231453B41E7AF7303E10D5B37
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DC146017E91FD09CA215AE1C9BBEB3C5
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=148803&us_privacy=1---
Frame ID: DB2A3908AFC808A3976690E531C4DB54
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5258305223
Frame ID: A1CFEC3C067EFEDC8D984611E87018C3
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: FE7A9D0582E70FB6EADE0CFD9F3C7F24
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: E503116699C44339A7383E2E1428A55E
Requests: 11 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: FAAD35DA1A3DF83918008C5F2E7A2C29
Requests: 6 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Frame ID: 7D05E1FC1F0D24FC28353D73F0EED3AB
Requests: 8 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3474197131523813000V10&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=750708&a=754412&domain=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Frame ID: 0935F1641C0260B5B7FB0256F6697494
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CtABShZ3d3cuc3RhcmFkdmVydGlzZXIuY29tUgthYXMtNjQ1NzE1N1oIcGJhMS4zLjNqFnd3dy5zdGFyYWR2ZXJ0aXNlci5jb236AQY4LjI2LjDoAgGIA7q23awGqAM66gMkMDc0MDQwZDEtYmJhNi00ZjNkLTkzZTYtZTUxYzVmODAwNjQ3qgQDRENIsgUDVVNE0gUJMTA1MTk5Mzg22AUB4AUB6gUHZGVza3RvcPoFA255NaoHA3dlYsoHEnN0YXJhZHZlcnRpc2VyLmNvbeAHAQ
Frame ID: 1B94FEEDE4A6E8BEEA1CF3A6906EBC4D
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: C5CE780E492D96606291F35894D133DF
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=5394353749448417114&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=709112&a=743293&domain=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Frame ID: 8B7A671D69E31D65F09E97F8AB03797A
Requests: 1 HTTP requests in this frame

Frame: https://cs.smartssp.iqzone.com/iframe?pbjs=1&coppa=0
Frame ID: 906157D8B09078DB0920283E2BB04961
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4E7F955F18ADB36F07B52ED71DEB3E4D
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a2165ovUyr7ykCrkHcnnVW&gdpr_consent=undefined&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 762D194E6E625CD7B0F6965A7F0B413B
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 3C1E78D282203606501DFFB5A02B639D
Requests: 7 HTTP requests in this frame

Frame: https://csync.smilewanted.com/?us_privacy=1---
Frame ID: 9E435373F740EB8D0297ABFCD5200A4F
Requests: 2 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: BD4551DA0D4AAAAFC1C2C2280637D00D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: A1642149BF13A4E390A2ABD25C0A312A
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Frame ID: C2C4BC0B00F3F7359AD748E0B6AB9363
Requests: 4 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=829538&gdpr=&gdpr_consent=&us_privacy=1---
Frame ID: 3D3916093E64B273D3AFF7F9C9EADEEA
Requests: 7 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 60A1726BECB3E6DC51C814E3E5D59B32
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/6066353311403014312
Frame ID: A9DAEF16737FB033039A27D65ED67E4A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7386633197929965226
Frame ID: 1BCE6BD35363AB850D9F15781A7DE480
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQZYJ7Y5-28-J2H9?gdpr=0
Frame ID: 7A0AF9043FCC55F6584B372278B2A87C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 9FC1F4423C1D8F86751683C2CEE544FE
Requests: 1 HTTP requests in this frame

Frame: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Frame ID: B63998CCA04AFA67E3B09DCB4FDBAF65
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/e337b882-7cdc-47da-a87d-3c455381b18c
Frame ID: 7756C2AF8C3CA312F120FFE8820A0567
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sovrn/H8B4hBZHEQ_m7NwFTi24NL7-
Frame ID: 483BBCD88D2B52CDB6CCAFDBE7BEDED0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/5394353749448417114
Frame ID: 2F5683BA87F7CB97364A97F61E45A00C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adwmg/5a3c3256-d9f2-4367-85f1-32f976afad14
Frame ID: 180733B37EF84C7C64534E3FE48CCB40
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Frame ID: CDCD616BE00DD39803056C7073B3B5BC
Requests: 23 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D488210%26a%3D304056%26domain%3Dstaradvertiser.com
Frame ID: D84B54346DD2F38FC628B02D13194B73
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=%7Buid%7D
Frame ID: 0149CD00774C93725242703D1A7D4050
Requests: 1 HTTP requests in this frame

Frame: https://sync.lunamedia.live/psync?t=s&e=255&cb=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001875%26dspCookie%3D%25USER_ID%25%26gdpr%3D0%26gdpr_consent%3D[GDPR_CONSENT]
Frame ID: FCC6830C3D71585F59D2F98AA72B461F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: E5FB5992063BD796E2C98CE2644178B8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: 27473815DD4A5C4696A8A76BA0375E10
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: 4B292BF6602E21F7D1E33B77DDBF04EE
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D44917234a27bfa53%26uid%3D
Frame ID: F6B7592102C64DC82312B652BAB76E35
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44917234a27bfa53%26uid%3D
Frame ID: 4956AF864A70C06CAB4D610724D0A986
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: C6253996C88AE8CDCB10269B9B0DAE61
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: F9F4E4B9DA32B5185DD380EFD65E05CE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44917234a27bfa53%26uid%3D
Frame ID: 02E3BB2F09180F8D2E3E3296A094D2F0
Requests: 5 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=44917234a27bfa53&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: 8D2BA69D648900CCEABD356639AACF68
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 1B98509EC11CD81459B9233E242102FB
Requests: 12 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?uid=A2580877537250048855&dc=eba3ecb667ab30ab&fi=44917234a27bfa53
Frame ID: 4A75F695951BECF3E9F5356640FEAEAF
Requests: 4 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AN1gKFZr0esrL-Et&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=484122&a=307971&domain=staradvertiser.com
Frame ID: 7E76E006AF7D8E8A855DB08A91747C75
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=44917234a27bfa53&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Frame ID: E2385F90E993204CED23AFE6BC839750
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZdbScCo8YIAALvpxfgAAAAA
Frame ID: 4CFC5330C537561541757A42BD9B7231
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=gumgum
Frame ID: 51B1452220F4380A2694E2439CD40EBF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 2E266EB64903838A152A3B3112F257DC
Requests: 3 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84YTBmODIzNy1jZDAzLTQ4ZjItYjQ4OC00Y2E1M2ZmYjU4ZmQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 6605AC5A135B43D8679D0A6B557805C6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=736096f3-a33b-4e74-a900-147a47dba0f3
Frame ID: 6AE8E0F3AD879DC487949632E975C1F8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adkernel
Frame ID: 8D738CE7653C7C33589323081456D8BE
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 58BD29A864D1279B5D012A8CE92499F7
Requests: 1 HTTP requests in this frame

Frame: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F3D6E228725907CB47D964D9396A1178
Requests: 23 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 7657FC73EFB492873D57BA79324A3E8C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D04E1D3984CCDD8A9F76B7B5BE3DC9B6
Requests: 9 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=154%2C94%2C122%2C26%2C2%2C161&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 6ED34CD61CD069F05961E8E0BFB68D72
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 71759935C41F7BBEB4F36A2D6A0AE5C8
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B96FC5CDAF968A8DEF0F84DFD4C6F9BE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

More than 20 injured after New York City subway train derails | Honolulu Star-AdvertiserArrow LeftArrow RightGroup 3Group 3Group 3Group 3

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

1750
Requests

70 %
HTTPS

30 %
IPv6

243
Domains

444
Subdomains

292
IPs

14
Countries

20684 kB
Transfer

47444 kB
Size

462
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://embed.sendtonews.com/player3/embedcode.js?fk=y3roexcY&cid=13479&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.3-U/embed.js
Request Chain 92
  • https://js.matheranalytics.com/s/ma15446/988352900/ml.js?cb=1644 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
Request Chain 167
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035032&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704418106655&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=5&cs_cmp_rt=557&c7=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&c8=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704418106655&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=5&cs_cmp_rt=557&c7=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&c8=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&c9=
Request Chain 238
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001704418109-NTS4H3MM-VH3X%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&adnxs_id=7386633197929965226&gdpr=0
Request Chain 239
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704418109-NTS4H3MM-VH3X&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704418109-NTS4H3MM-VH3X&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=736096f3-a33b-4e74-a900-147a47dba0f3&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
Request Chain 240
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704418109-NTS4H3MM-VH3X HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704418109-NTS4H3MM-VH3X HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=A0864502-06A0-4ED8-A79E-7CD263E71299&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
Request Chain 241
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001704418109-NTS4H3MM-VH3X&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&rub=LQZYJ7Y5-28-J2H9&gdpr=0
Request Chain 242
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001704418109-NTS4H3MM-VH3X&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704418109-NTS4H3MM-VH3X%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001704418109-NTS4H3MM-VH3X&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704418109-NTS4H3MM-VH3X%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4997edfe-4ce1-4693-848f-c8b66f02f74e%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001704418109-NTS4H3MM-VH3X%252526tapad_id%25253D4997edfe-4ce1-4693-848f-c8b66f02f74e%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=736096f3-a33b-4e74-a900-147a47dba0f3&ttd_puid=4997edfe-4ce1-4693-848f-c8b66f02f74e%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001704418109-NTS4H3MM-VH3X%2526tapad_id%253D4997edfe-4ce1-4693-848f-c8b66f02f74e%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&tapad_id=4997edfe-4ce1-4693-848f-c8b66f02f74e
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001704418109-NTS4H3MM-VH3X HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&google_gid=CAESEN4pxqMjqaAnxjFuBYirIQo&google_cver=1&google_ula=450542624,0
Request Chain 244
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001704418109-NTS4H3MM-VH3X HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDQxODEwOS1OVFM0SDNNTS1WSDNY
Request Chain 245
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001704418109-NTS4H3MM-VH3X HTTP 303
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001704418109-NTS4H3MM-VH3X&_bee_ppp=1 HTTP 303
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAAQHk7LLrYAABaDzK28HA&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
Request Chain 246
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&uid=770043a8-af77-46db-9a99-c38ce904d888&gdpr=0
Request Chain 247
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001704418109-NTS4H3MM-VH3X&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001704418109-NTS4H3MM-VH3X HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001704418109-NTS4H3MM-VH3X&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001704418109-NTS4H3MM-VH3X HTTP 302
  • https://ids.ad.gt/api/v1/adb_match?adb=52484525425390576564160136390183098686&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
Request Chain 252
  • https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js HTTP 302
  • https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Request Chain 312
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 323
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1--- HTTP 307
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1---&b=1&g=%2BBjbB0yJ1CXoDOyA5XzgLs0p%2BHfG1Wq9jA9mDOpaG0A%3D&fp=%2FYCDo88H9fLPGXTvFNqMMloV8O6zk0RTxHxsoZR5jfcBuvi9VpHA4NqlPk%2FF2uNeFNu5%2BEhAWuK%2F8fgG4GakbA%3D%3D
Request Chain 331
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 377
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 384
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=b9e8126a-a546-48ae-9dc7-dd9b2e497b11&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator&zcc=1&cb=1704418111816 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7687198132 HTTP 302
  • https://sync.1rx.io/usersync/turn/7898252983751812422?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2FsyncPage%2Funruly%3Fuid%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005 HTTP 302
  • https://ex.ingage.tech/v1/syncPage/unruly?uid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005 HTTP 302
  • https://ex.ingage.tech/v1/sync/unruly/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Request Chain 385
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 387
  • https://u.openx.net/w/1.0/cm?id=b355ce4f-581b-4a1c-8c84-81fe81e4bc39&r=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fopenx%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D HTTP 302
  • https://ex.ingage.tech/v1/sync/openx/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=45e60238-042b-420a-af51-f1abce306690
Request Chain 389
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 390
  • https://ex.ingage.tech/v1/syncPage/sharethrough?userId=b9e8126a-a546-48ae-9dc7-dd9b2e497b11&to=https%3A%2F%2Fmatch.sharethrough.com%2Funiversal%2Fv1%3Fsupply_id%3Djc3Tkmr6 HTTP 302
  • https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6 HTTP 302
  • https://ex.ingage.tech/v1/syncPage/sharethrough?uid=c73598e4-19af-4225-ad41-0db5af961cdf HTTP 302
  • https://ex.ingage.tech/v1/sync/sharethrough/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=c73598e4-19af-4225-ad41-0db5af961cdf
Request Chain 394
  • https://csync.loopme.me/?pubid=11530&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Floopme%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D%7Bviewer_token%7D HTTP 307
  • https://ex.ingage.tech/v1/sync/loopme/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=d08b0939-e7dd-47e1-a1ce-13919d351d77
Request Chain 402
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsonobi%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D HTTP 302
  • https://ex.ingage.tech/v1/sync/sonobi/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=770043a8-af77-46db-9a99-c38ce904d888
Request Chain 403
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 404
  • https://sync.colossusssp.com/dfbcab6866523fad621f413a5998f670.gif?puid=638&redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fcolossus%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D%5BUID%5D HTTP 302
  • https://ex.ingage.tech/v1/sync/colossus/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=1e2c6b9b-b313-4977-8d47-506b6f116205
Request Chain 405
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Request Chain 406
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D%24UID HTTP 307
  • https://ex.ingage.tech/v1/sync/sovrn/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=H8B4hBZHEQ_m7NwFTi24NL7-
Request Chain 445
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=818726b0a3b1b87f81433a2669b2306d&gdpr_consent=&gdpr=0
Request Chain 446
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=770043a8-af77-46db-9a99-c38ce904d888
Request Chain 447
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=null&gdpr=0
Request Chain 448
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
Request Chain 449
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 450
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=ae7d6682-9b56-4401-a54f-a73b0c94cdbd
Request Chain 451
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTA4NjQ1MDItMDZBMC00RUQ4LUE3OUUtN0NEMjYzRTcxMjk5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELWL8yepwJVgoFXd5zVih_Y&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A0864502-06A0-4ED8-A79E-7CD263E71299
Request Chain 452
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=6066353311403014312&gdpr=0&gdpr_consent=
Request Chain 453
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEIznffDDzf1nB7iTMI_&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 454
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212429669350874
Request Chain 455
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=K5XH98XlPE9c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 456
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2777457757 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/736096f3-a33b-4e74-a900-147a47dba0f3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Request Chain 458
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7386633197929965226&gdpr=0&gdpr_consent=
Request Chain 462
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZdbQAAMIjwI5QBH HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZdbQAAMIjwI5QBH&_test=ZZdbQAAMIjwI5QBH
Request Chain 464
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1eab0669-5013-c2be-2e06-793e450ed21e HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1eab0669-5013-c2be-2e06-793e450ed21e&dcc=t
Request Chain 465
  • https://match.adsrvr.org/track/cmf/openx?oxid=467d7a14-4cb9-7944-ee08-fba92d3d19fe&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=736096f3-a33b-4e74-a900-147a47dba0f3&ttd_puid=467d7a14-4cb9-7944-ee08-fba92d3d19fe&gdpr=0&gdpr_consent=
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDaVku7Fk3J1YWl34EirdNE&google_cver=1
Request Chain 469
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZdbPwCgEoqR40X4NR82pgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFR6_ugvQv6a4E9G_leWvTI&google_cver=1
Request Chain 470
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=736096f3-a33b-4e74-a900-147a47dba0f3&expiration=1707010112&gdpr=0&gdpr_consent=
Request Chain 471
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZdbPwCgEoqR40X4NR82pgAA%261641&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZdbPwCgEoqR40X4NR82pgAA%261641&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0e521442191b476ebd4b7f1dc324ebc5 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=0e521442-191b-476e-bd4b-7f1dc324ebc5 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=73e61b6f-a064-4dfc-a9ec-caa48a3f5854%3A1704418113.6999092&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D73e61b6f-a064-4dfc-a9ec-caa48a3f5854%253A1704418113.6999092%26pid%3D500040%26it%3D1%26iv%3D73e61b6f-a064-4dfc-a9ec-caa48a3f5854%253A1704418113.6999092%26_%3D1704418113.7024932&cb=1704418113.7025344 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1813050728247349171&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D73e61b6f-a064-4dfc-a9ec-caa48a3f5854%253A1704418113.6999092%26pid%3D500040%26it%3D1%26iv%3D73e61b6f-a064-4dfc-a9ec-caa48a3f5854%253A1704418113.6999092%26_%3D1704418113.7024932 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=73e61b6f-a064-4dfc-a9ec-caa48a3f5854%3A1704418113.6999092&pid=500040&it=1&iv=73e61b6f-a064-4dfc-a9ec-caa48a3f5854%3A1704418113.6999092&_=1704418113.7024932 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704418113.7024932&iv=73e61b6f-a064-4dfc-a9ec-caa48a3f5854:1704418113.6999092
Request Chain 473
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3ad06018-d1ed-a766-3562c7cc
Request Chain 474
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=d32de12f-65c3-42c1-a39f-1a86978ca970
Request Chain 475
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5394353749448417114&expiration=1705627713
Request Chain 476
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=wEAGKYle1Rlz0J5
Request Chain 503
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 505
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 506
  • https://ads.stickyadstv.com/user-matching?id=3656 HTTP 302
  • https://u.4dex.io/setuid?bidder=freewheel&uid=8cde5c648fe156140db5378baffff1b
Request Chain 530
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 531
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704418112026.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 532
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=59e9df5d-c912-4e7b-b753-fe5a89a9761c&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 533
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 534
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
Request Chain 535
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2687056411155449827788 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2687056411155449827788&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 539
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 540
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc&google_hm=ZjIzYmQzMTItNWJiNi00MjRhLTk1ZTktZDE1MjIwZjBlN2Rj HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHl6DoqfiwaGI5r4GKl3JBk&google_cver=1&ssp=the33across&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 541
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 542
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
Request Chain 543
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2687056411155449827788 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2687056411155449827788&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 544
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704418112026.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 545
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 546
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=-tBDgfwlV_hvwp42xPpc4iaEdkY&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 547
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 548
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
Request Chain 549
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2687056411155449827788
Request Chain 550
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704418112026.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 554
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Request Chain 555
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&us_privacy=1---&_t=1704418113365 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NWFhZTI1NDAtYjc2OC00NjY2LTg2NGMtZjBjNTc4NmNlMWQz&us_privacy=1---
Request Chain 556
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1704418113365 HTTP 302
  • https://sync.teads.tv/um?eid=22&uid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
Request Chain 557
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1704418113365 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=8b8293d3-9878-4b12-9ae2-54436c2413c7&gdpr=0&gdpr_consent=
Request Chain 558
  • https://pr-bh.ybp.yahoo.com/sync/teads/5aae2540-b768-4666-864c-f0c5786ce1d3?gdpr=0&gdpr_consent=&_t=1704418113365 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-c7OxrkJE2oQmkIRXPwaoO3SjoWBRIMhGgZQ-~A
Request Chain 559
  • https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=5aae2540-b768-4666-864c-f0c5786ce1d3_us_us&gdpr=0&gdpr_consent=&us_privacy=1---&_t=1704418113365 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=5aae2540-b768-4666-864c-f0c5786ce1d3_us_us&gdpr=0&gdpr_consent=&us_privacy=1---&_t=1704418113365&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 561
  • https://idsync.rlcdn.com/474599.gif?partner_uid=5aae2540-b768-4666-864c-f0c5786ce1d3_us&ct=4&cv=&us_privacy=1---&_t=1704418113365 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJzVhYWUyNTQwLWI3NjgtNDY2Ni04NjRjLWYwYzU3ODZjZTFkM191cxAAGg0IxLbdrAYSBQjoBxAAQgBKAFoECAQSAFoICAMSBDEtLS0 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d4c4fdfa386fdf1025445860eb1b637075d9bbf91c676a8a2585ba7c887985c1791426b5417dce21&_=2 HTTP 307
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06132730
Request Chain 564
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&_t=1704418113365 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---
Request Chain 565
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&us_privacy=1---&_t=1704418113365 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NWFhZTI1NDAtYjc2OC00NjY2LTg2NGMtZjBjNTc4NmNlMWQz&us_privacy=1--- HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 566
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Request Chain 569
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704418114850&pubconsent=&euconsent=&hasConsent=1 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704418114850&pubconsent=&euconsent=&hasConsent=1&rd=1
Request Chain 573
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
Request Chain 574
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=K5XH98XlPE9c&ev=1&us_privacy=&pid=562983
Request Chain 576
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7386633197929965226
Request Chain 577
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=6066353311403014312
Request Chain 578
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/seedtag?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__&gdpr=0&gdpr_consent=&puid=&s=2&us_privacy= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
Request Chain 579
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=736096f3-a33b-4e74-a900-147a47dba0f3
Request Chain 580
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=seedtag&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dseedtag%26bsw_param%3Df23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D4997edfe-4ce1-4693-848f-c8b66f02f74e%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dseedtag%252526bsw_param%25253Df23bd312-5bb6-424a-95e9-d15220f0e7dc%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7386633197929965226&pt=4997edfe-4ce1-4693-848f-c8b66f02f74e%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dseedtag%2526bsw_param%253Df23bd312-5bb6-424a-95e9-d15220f0e7dc%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=seedtag&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=
Request Chain 581
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D&rd=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=48de1664-fb49-47b7-b409-1zz1704418099
Request Chain 583
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZdbPwCgEoqR40X4NR82pgAA%261641
Request Chain 584
  • https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
Request Chain 585
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID HTTP 303
  • https://s.seedtag.com/cs/cookiesync/adform?channeluid=5394353749448417114
Request Chain 586
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID HTTP 307
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H8B4hBZHEQ_m7NwFTi24NL7-
Request Chain 587
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=14242342-9502-4d91-b891-486d4ddee94e
Request Chain 588
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mka437b19fc08a48c28f93aeaf223ee5f8
Request Chain 589
  • https://creativecdn.com/cm-notify?pi=seedtag HTTP 302
  • https://creativecdn.com/cm-notify?pi=seedtag&tc=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=seedtag&tc=1
Request Chain 590
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU6f38051ae3b444a4aea786afd04874f0
Request Chain 616
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=736096f3-a33b-4e74-a900-147a47dba0f3
Request Chain 617
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3474197131523813000V10
Request Chain 618
  • https://pr-bh.ybp.yahoo.com/sync/taboola/055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-dSLQ1lFE2oQBU8VUt0FJMVutChr21i.q5Xou1g--~A
Request Chain 619
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=736096f3-a33b-4e74-a900-147a47dba0f3
Request Chain 620
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3474197131523813000V10
Request Chain 621
  • https://pr-bh.ybp.yahoo.com/sync/taboola/055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-dSLQ1lFE2oQBU8VUt0FJMVutChr21i.q5Xou1g--~A
Request Chain 630
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D486214773fce3e9d HTTP 302
  • https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D486214773fce3e9d HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dd84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553%26partner_url%3Dhttps%253A%252F%252Fu-iad04.e-planning.net%252Fum%253Fuid%253Dd84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553%2526dc%253D0abbcb4eba840e59%2526fi%253D486214773fce3e9d HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3Dd84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553%26dc%3D0abbcb4eba840e59%26fi%3D486214773fce3e9d HTTP 302
  • https://u-iad04.e-planning.net/um?uid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dc=0abbcb4eba840e59&fi=486214773fce3e9d
Request Chain 631
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D486214773fce3e9d HTTP 302
  • https://u-iad04.e-planning.net/um?uid=K5XH98XlPE9c&dc=66b7ef4184d94c10&fi=486214773fce3e9d&ev=1&us_privacy=${us_privacy}&pid=562965
Request Chain 634
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D486214773fce3e9d%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=486214773fce3e9d&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
Request Chain 636
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D486214773fce3e9d%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=486214773fce3e9d&uid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504516
Request Chain 637
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D486214773fce3e9d HTTP 302
  • https://u-iad04.e-planning.net/um?uid=48de1664-fb49-47b7-b409-1zz1704418099&dc=fabfd6762b833237&fi=486214773fce3e9d
Request Chain 638
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D486214773fce3e9d%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=486214773fce3e9d&uid=7386633197929965226
Request Chain 639
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D486214773fce3e9d%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=486214773fce3e9d&uid=770043a8-af77-46db-9a99-c38ce904d888
Request Chain 640
  • https://rtb.om-meta.com/csync?exchange=41cd7873289762a3cc93a994250371cf1cd20569&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dbe1f3f8d2283c058%26fi%3D486214773fce3e9d%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=486214773fce3e9d&uid=94587298-0b88-4322-9981-ae550157b0de
Request Chain 641
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D486214773fce3e9d%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=486214773fce3e9d&uid=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
Request Chain 642
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=c73598e4-19af-4225-ad41-0db5af961cdf&dc=769fefa8321c94fb&iss=1
Request Chain 643
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D486214773fce3e9d HTTP 302
  • https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=486214773fce3e9d
Request Chain 644
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3D486214773fce3e9d HTTP 302
  • https://u-iad04.e-planning.net/um?uid=1e2c6b9b-b313-4977-8d47-506b6f116205&dc=d015773253e1640b&fi=486214773fce3e9d
Request Chain 645
  • https://x.bidswitch.net/sync?ssp=eplanning HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0cab6805-c694-4a0f-a9f1-3fc892c60190&ssp=eplanning
Request Chain 646
  • https://cm-x.mgid.com/7c66bfc34cae8636a9aefaf68cb9041c.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3D98bd04598763300f%26fi%3D486214773fce3e9d HTTP 302
  • https://u-iad04.e-planning.net/um?uid=75d3231a-8b28-476c-856f-1982c6c9795b&dc=98bd04598763300f&fi=486214773fce3e9d
Request Chain 647
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7Bym_user_id%7D%26dc%3Ddbfd729d40c9c3fc%26fi%3D486214773fce3e9d HTTP 302
  • https://u-iad04.e-planning.net/um?uid=ym_user_f42d1ad0-05e4-4bec-8277-d0223c159ff3&dc=dbfd729d40c9c3fc&fi=486214773fce3e9d
Request Chain 648
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.96%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7138357452 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2069.96/f7716597-5b45-4000-9fa2-5f3c3f74983b?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005%26dc%3Dfc741bbdfeedcd57%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&dc=fc741bbdfeedcd57&iss=1
Request Chain 652
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7386633197929965226&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 653
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7386633197929965226&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 654
  • https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%26name%3DCRITEO%26visitor%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=8b8293d3-9878-4b12-9ae2-54436c2413c7
Request Chain 656
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Request Chain 657
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adyoulike&ssp_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-b_TzuFpE2pkUz94wCbmugmxYK_20IX7Yw79exA--~A&expires=5&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=f23bd312-5bb6-424a-95e9-d15220f0e7dc&name=BIDSWITCH&gdpr=&gdpr_consent=
Request Chain 658
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=736096f3-a33b-4e74-a900-147a47dba0f3&name=THE_TRADE_DESK
Request Chain 659
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAAQHk7LLrYAABaDzK28HA&name=BEESWAX
Request Chain 660
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=BUe8t8AGKClBFU9g5GxQ&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 661
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=d08b0939-e7dd-47e1-a1ce-13919d351d77%20&gdpr_consent=null&gdpr=0
Request Chain 662
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=BUe8t8AGKClBFU9g5GxQ&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 663
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Request Chain 664
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a00220400cfc8e2c37e0815&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Request Chain 665
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 668
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=c7afadb5-2f38-4468-a903-ccb38af6a4be&gdpr=0&gdpr_consent=
Request Chain 669
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=0e9edc1031de420496b7be83175ae78d&gdpr=0&gdpr_consent=
Request Chain 670
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=d32de12f-65c3-42c1-a39f-1a86978ca970&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 675
  • https://id.a-mx.com/sync?tao=1&&do=www.staradvertiser.com HTTP 302
  • https://c3.a-mo.net/b?uid=49cc3995-5ade-4dd3-960f-6b3138eb67a4&sh=id.a-mx.com& HTTP 302
  • https://id.a-mx.com/set?oid=49cc3995-5ade-4dd3-960f-6b3138eb67a4&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&
Request Chain 676
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Request Chain 677
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc&chk=1
Request Chain 678
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
Request Chain 679
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=amx_com&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
Request Chain 680
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=openx&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
Request Chain 681
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=adform&uid=5394353749448417114
Request Chain 682
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0f4048a3-19cf-4e08-b88a-c8eedd147483&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 683
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=index_rtb&uid=ZZdbPwCgEoqR40X4NR82pgAA%261641
Request Chain 684
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
Request Chain 685
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=appnexus&uid=7386633197929965226
Request Chain 689
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Request Chain 690
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MzZmOWY1Zjc1OTA1ZTA4&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=adaptmx&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 691
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
Request Chain 692
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=amx_com&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
Request Chain 693
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=openx&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
Request Chain 694
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=adform&uid=5394353749448417114
Request Chain 695
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dpubmatic%26uid%3DA0864502-06A0-4ED8-A79E-7CD263E71299&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=pubmatic&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Request Chain 696
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=index_rtb&uid=ZZdbPwCgEoqR40X4NR82pgAA%261641
Request Chain 697
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
Request Chain 698
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=appnexus&uid=7386633197929965226
Request Chain 722
  • https://pixel.rubiconproject.com/token?pid=34010&customParamenters HTTP 302
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LQZYJ7Y5-28-J2H9&customParamenters=
Request Chain 723
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
  • https://s.cpx.to/sync?dsp_uid=CAESEPsa0vTY7s6j9bsMQmJLSnQ&dsp=dbm&google_cver=1
Request Chain 724
  • https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://s.cpx.to/sync?dsp=OPENX&dsp_uid=06405607-7011-454b-8c9e-03052caa067c
Request Chain 725
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Request Chain 726
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 729
  • https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%26name%3DCRITEO%26visitor%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=8b8293d3-9878-4b12-9ae2-54436c2413c7
Request Chain 730
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 731
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 733
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7386633197929965226&gdpr=0&gdpr_consent=
Request Chain 734
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?gdpr=0&euconsent=&uid=6066353311403014312
Request Chain 735
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=48de1664-fb49-47b7-b409-1zz1704418099 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=6117447247668105881 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=c4fec229-13ee-5305-99c3-5f50fc540415&ssp=richaudience&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=&us_ps=
Request Chain 736
  • https://match.prod.bidr.io/cookie-sync/richaudience?gdpr=0&gdpr_consent= HTTP 303
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAAQHk7LLrYAABaDzK28HA&gdpr=0
Request Chain 737
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Request Chain 752
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECemyniuPJpgJFg_geX-kIU&google_cver=1
Request Chain 753
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7386633197929965226
Request Chain 755
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAQHk7LLrYAABaDzK28HA&expiration=1705627717
Request Chain 757
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504518
Request Chain 758
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_c053429087de436daa35a
Request Chain 759
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZdbPwCgEoqR40X4NR82pgAA%261641&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0e521442-191b-476e-bd4b-7f1dc324ebc5 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0e521442-191b-476e-bd4b-7f1dc324ebc5&rd=Y
Request Chain 762
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/87Zs5s3RxBq05OKOY_tK_Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pBSrTt9E2oIv..54v92zr7eWUH7GHoFmOKBIWw--~A
Request Chain 763
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPuCkuvPMCHCm3sJrsv6s-4&google_cver=1
Request Chain 764
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dsfs3nqeRrq0Kt9CKrR-1Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dsfs3nqeRrq0Kt9CKrR-1Q
Request Chain 766
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=&expires=30
Request Chain 767
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFaWUo3WTUtMjgtSjJIOQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOUJi9DC_Vw5thA3Eua916g&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFaWUo3WTUtMjgtSjJIOQ==&google_push=
Request Chain 768
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQZYJ7Y5-28-J2H9&ex=d-rubiconproject.com&status=ok
Request Chain 769
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQZYJ7Y5-28-J2H9
Request Chain 770
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzZlM2JlNmMwNDBlODA3MWYxOGMyNjIzN2I5NTI5YTZkODE5NjA0Yw
Request Chain 771
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAQHk7LLrYAABaDzK28HA&expires=30
Request Chain 772
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQZYJ7Y5-28-J2H9
Request Chain 773
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQZYJ7Y5-28-J2H9
Request Chain 774
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQZYJ7Y5-28-J2H9&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQZYJ7Y5-28-J2H9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 775
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQZYJ7Y5-28-J2H9 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQZYJ7Y5-28-J2H9&ckls=true&ci=20XGSSSz8S&nc=false&trid=-281618865
Request Chain 776
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Request Chain 777
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQZYJ7Y5-28-J2H9&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQZYJ7Y5-28-J2H9&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS04RW4zQVoxRTJ1RjFVaTNFeHNaeUd6dW0yRU40emxLaH5B&ovsid=LQZYJ7Y5-28-J2H9&dpid=58160
Request Chain 781
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQZYJ7Y5-28-J2H9
Request Chain 782
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQZYJ7Y5-28-J2H9
Request Chain 783
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6adc7340-ca96-462d-b37b-baa1d1730357&expires=30
Request Chain 784
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5394353749448417114
Request Chain 785
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=d32de12f-65c3-42c1-a39f-1a86978ca970
Request Chain 786
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-tBDgfwlV_hvwp42xPpc4iaEdkY
Request Chain 787
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQZYJ7Y5-28-J2H9
Request Chain 788
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8b8293d3-9878-4b12-9ae2-54436c2413c7
Request Chain 789
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7898252983751812422&expires=60&gdpr=&gdpr_consent=
Request Chain 790
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7386633197929965226&expires=30
Request Chain 791
  • https://sync.1rx.io/usersync2/rubicon HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&rndcb=8977114046 HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=adconductor&bidswitch_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=eddd68999dcc1d60778e9f151f440da6&expires=30&ssp=adconductor&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/f23bd312-5bb6-424a-95e9-d15220f0e7dc?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Request Chain 792
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 794
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LQZYJ7Y5-28-J2H9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&expires=30
Request Chain 795
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13 HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Request Chain 796
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQZYJ7Y5-28-J2H9
Request Chain 813
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Request Chain 817
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBUUhrN0xMcllBQUJhRHpLMjhIQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAAQHk7LLrYAABaDzK28HA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6066353311403014312&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAAQHk7LLrYAABaDzK28HA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6066353311403014312%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6066353311403014312&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAAQHk7LLrYAABaDzK28HA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAAQHk7LLrYAABaDzK28HA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6066353311403014312%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6066353311403014312&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAQHk7LLrYAABaDzK28HA&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 818
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_c053429087de436daa35a HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 819
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7386633197929965226&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 820
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c13636fe-ab69-11ee-b47c-6e5120466e9f HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 822
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AagteAL_IHkaqSR2B6o5LFX4ISkarXUsVazYg6Tx
Request Chain 823
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=3f6eae77-8436-31c0-ac70-7d1572b10ec2&ssp=pubmatic&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 824
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:wEAGKYle1Rlz0J5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 825
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 826
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=b9e4ff91-bb58-47f1-b815-3c3079feda17&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A0864502-06A0-4ED8-A79E-7CD263E71299
Request Chain 827
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1813050728247349171
Request Chain 828
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 829
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 830
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6f38051ae3b444a4aea786afd04874f0
Request Chain 831
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=872817532029 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 832
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 833
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KFJ8PyxrAC6Nv899R1uXZQ HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 836
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oIZFAgagTtinnnzSY-cSmQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 837
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A0864502-06A0-4ED8-A79E-7CD263E71299 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=4997edfe-4ce1-4693-848f-c8b66f02f74e&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D4997edfe-4ce1-4693-848f-c8b66f02f74e%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=52484525425390576564160136390183098686&pt=4997edfe-4ce1-4693-848f-c8b66f02f74e%2C%2C
Request Chain 840
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:38485CB5441247569104AE4050593124 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 841
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Request Chain 843
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A0864502-06A0-4ED8-A79E-7CD263E71299&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HJznAO9E2uXaESYhcgBswZaynXymPos-~A&gdpr=0
Request Chain 844
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=6adc7340-ca96-462d-b37b-baa1d1730357&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Request Chain 845
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504518&nuid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Request Chain 847
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10EC9D624_9826E577&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 848
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 849
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7898252983751812422&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Request Chain 850
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5394353749448417114 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Request Chain 858
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 859
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=d08b0939-e7dd-47e1-a1ce-13919d351d77
Request Chain 860
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.5%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=2189794078 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2069.5/d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553?zcc=0&sspret=1&rndcb=2189794078 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005%26ex%3Drhythmone.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&ex=rhythmone.com
Request Chain 861
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=44e38e5e65
Request Chain 863
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8EE54A40A4D44D4E95BBF6D40223C82E&ex=simpli.fi&status=ok
Request Chain 864
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2276f7b82e2lucx800lqzyji0f
Request Chain 865
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=BUe8t8AGKClBFU9g5GxQ
Request Chain 868
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr_consent=undefined&gdpr=0&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
Request Chain 869
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://ex.ingage.tech/v1/syncPage/rubicon?uid=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://ex.ingage.tech/v1/sync/rubicon/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=LQZYJ7Y5-28-J2H9
Request Chain 881
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NjA2NjM1MzMxMTQwMzAxNDMxMg==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBxZa7EzIOj-2rgMQZMYP64&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 882
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=smartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=-tBDgfwlV_hvwp42xPpc4iaEdkY&user_group=1&ssp=smartadserver&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=
Request Chain 883
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
Request Chain 884
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=274abd0f1c
Request Chain 897
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&pbt=1&lsw=1&us_privacy=1--- HTTP 302
  • https://mug.criteo.com/sid?cpp=rIt5UXw1US92QWc3d2hnUG95aE9XdjdoZkpJOEtHMk9CMWhud1FEZm43dEs4bTA1eHdZc0Ftdy83T3JrUUhDbGxaVE9XMjBBSnhhM2pJYmRjL1VSR0s2ZDVGeVRUWkY4UGN1ZjYxVENhOGtEbDZ1U2ZQb2U0VGMydWRIK0pNY3VSdlowNHpxNXlMa0FzUEhNM2hQeXIvbTVaOGdldWpTRU8va0h1bTJVeTEyZEI1VlZpcWgvRVhobzdTSmdndzdFa09vdUZRbXBSYTNkWis1VHI2SGIxR0R1bVMvQ2YrVG40cFhxZG9KREN6bHdSVnhpZkZrYXllMXNWZWEvMTRVTzdyRCtoUmtxaThzOUZUNlNjV0pPaG5pQlQydTU5b09HMkE5bnFsTDlKSTNvTmFwZz18&cppv=2
Request Chain 902
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQZYJ7Y5-28-J2H9&obUid=&initiator=&gdpr=0
Request Chain 903
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQZYJ7Y5-28-J2H9&gdpr=0
Request Chain 904
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr=0 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LQZYJ7Y5-28-J2H9&gdpr=0
Request Chain 905
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQZYJ7Y5-28-J2H9&name=RUBICON&gdpr=0
Request Chain 906
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQZYJ7Y5-28-J2H9&gdpr=0 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQZYJ7Y5-28-J2H9&ts=1704418119&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 907
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&expires=360&gdpr=0&gdpr_consent=
Request Chain 908
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZZdbQAAMIjwI5QBH&gdpr=0
Request Chain 909
  • https://um.simpli.fi/rb_match?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A0A7D3915CF44960ACE5E888F4B75986&expires=365
Request Chain 910
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0 HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=rubicon&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=c13636fe-ab69-11ee-b47c-6e5120466e9f&expires=60
Request Chain 911
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=0 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=PXB6bdDbZGdcz6ZzOFz8t4XsnMZhMiGdLdsvN9R-tmQ&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504519&nuid=PXB6bdDbZGdcz6ZzOFz8t4XsnMZhMiGdLdsvN9R-tmQ&gdpr=0
Request Chain 913
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo&gdpr=0 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQZYJ7Y5-28-J2H9&gdpr=0
Request Chain 914
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184&gdpr=0 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQZYJ7Y5-28-J2H9&gdpr=0
Request Chain 915
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQZYJ7Y5-28-J2H9&gdpr=0
Request Chain 916
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=K5XH98XlPE9c&ev=1&pid=560687&gdpr=0
Request Chain 917
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7320420084116420757&expires=730&gdpr=0
Request Chain 918
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet HTTP 302
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Request Chain 919
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864 HTTP 302
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQZYJ7Y5-28-J2H9
Request Chain 920
  • https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
Request Chain 921
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQZYJ7Y5-28-J2H9
Request Chain 922
  • https://ums.acuityplatform.com/tum?umid=2 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=872817512825&expires=30&us_privacy=1---
Request Chain 923
  • https://b1sync.zemanta.com/usersync/rubicon/ HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=BUe8t8AGKClBFU9g5GxQ
Request Chain 924
  • https://rbp.mxptint.net/sn.ashx HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CAB_10EC9D625_96FC73C6&expires=60
Request Chain 925
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24856 HTTP 302
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQZYJ7Y5-28-J2H9
Request Chain 926
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon HTTP 302
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQZYJ7Y5-28-J2H9
Request Chain 927
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17136_2 HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=rubicon&gdpr=&gdpr_consent=&uid=LQZYJ7Y5-28-J2H9
Request Chain 928
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme HTTP 302
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LQZYJ7Y5-28-J2H9
Request Chain 929
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=gVtlzoIMaM-aWmzAh1lxmtULaZ-aXj2a1V_K50Qk
Request Chain 930
  • https://match.adsby.bidtheatre.com/rubiconmatch HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=0f4048a3-19cf-4e08-b88a-c8eedd147483
Request Chain 931
  • https://ssbsync.smartadserver.com/api/sync?callerId=87 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=6066353311403014312&gdpr=0&gdpr_consent=
Request Chain 932
  • https://rubiconcm.digitaleast.mobi/usersync/rubicon.gif HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=7a63ab7b-0fb0-4bd9-af88-6c3ff434a682
Request Chain 933
  • https://x.bidswitch.net/sync?ssp=rubicon HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=rubicon&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=rubicon&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4dc8349b-80b8-4b94-b1a2-47e2adf7f27c&user_group=1&ssp=rubicon&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=f23bd312-5bb6-424a-95e9-d15220f0e7dc&expires=30&gdpr=&gdpr_consent=&us_privacy=
Request Chain 937
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704418118143.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 938
  • https://ssc-cms.33across.com/ps/?_=1704418118143.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212429669350874&gdpr=0&gdpr_consent=
Request Chain 939
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1707010119%26external_user_id%3D736096f3-a33b-4e74-a900-147a47dba0f3 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707010119&external_user_id=736096f3-a33b-4e74-a900-147a47dba0f3
Request Chain 941
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&ts=1704418119&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 942
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=-tBDgfwlV_hvwp42xPpc4iaEdkY
Request Chain 943
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704418118143.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=7386633197929965226
Request Chain 967
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQZYJ7Y5-28-J2H9
Request Chain 968
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQZYJ7Y5-28-J2H9
Request Chain 972
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=13bb0572-81fe-4f24-b171-7b5a14a67826 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=13bb0572-81fe-4f24-b171-7b5a14a67826
Request Chain 973
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7386633197929965226
Request Chain 974
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7898252983751812422&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 975
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Z-x3QGS7ekF87X5OYe5jFDO8exF86S8UM-j1_kRD
Request Chain 976
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=8cde5c648fe156140db5378baffff1b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo0447_7320424622894265161&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/8cde5c648fe156140db5378baffff1b?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-bRKH0QhE2oN6dDPxTl84Z76j.WbZXf4.KsU_8.4H~A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OGNkZTVjNjQ4ZmUxNTYxNDBkYjUzNzhiYWZmZmYxYg==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESED1dhtKpQkBzC1zHJwUfIjg&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAAQHk7LLrYAABaDzK28HA&dataProviderId=817&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=wEAGKYle1Rlz0J5&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=7386633197929965226&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=7979074&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=6adc7340-ca96-462d-b37b-baa1d1730357 HTTP 302
  • https://jelly.mdhv.io/v4/pixie
Request Chain 977
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB
Request Chain 978
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720142920&external_user_id=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
Request Chain 979
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=c13636fe-ab69-11ee-b47c-6e5120466e9f
Request Chain 980
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 983
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=736096f3-a33b-4e74-a900-147a47dba0f3&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 984
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NzA1NjQxMTE1NTQ0OTgyNzc4OA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 985
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKnCmAPIKQcLYKSKFunzRBw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 986
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NzA1NjQxMTE1NTQ0OTgyNzc4OA%3D%3D
Request Chain 988
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2687056411155449827788?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-409_YKhE2oSIiMO4cIsxNmgDi9xUSetgWq1cCKzPEg--~A&dongle=0883
Request Chain 989
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2687056411155449827788&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=006b79a6-e17b-428f-a319-4028618a9396&expires=10&ssp=triplelift&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 990
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=8b8293d3-9878-4b12-9ae2-54436c2413c7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 991
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7386633197929965226&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 997
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
Request Chain 998
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YzczNTk4ZTQtMTlhZi00MjI1LWFkNDEtMGRiNWFmOTYxY2Rm HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 999
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7386633197929965226
Request Chain 1000
  • https://sid.storygize.net/ccm/c9dd71b6-fd13-4133-bf5d-b88619cef491 HTTP 302
  • https://sid.storygize.net/csr?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dm3k4T1aBLLPMpeMdFP9tJTiB%26source_user_id%3De70a7824-89af-41a5-a56b-06996c8ccf7d HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=e70a7824-89af-41a5-a56b-06996c8ccf7d
Request Chain 1009
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=ead0ef9e-5421-5c72-1921-b05a08f0593c HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0t1pq4e9tqm15
Request Chain 1010
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=-tBDgfwlV_hvwp42xPpc4iaEdkY
Request Chain 1011
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=59f34ef1-1ec3-450a-989d-60e8c90f17cf&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZZdbSJoUq63D3ltOZd0YWGF1
Request Chain 1012
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=mSvwKOU_wGoIfLce_iQjRA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 1013
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=6adc7340-ca96-462d-b37b-baa1d1730357
Request Chain 1014
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
Request Chain 1018
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D343983%26t%3Dimage%26uid%3D HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=343983&t=image&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
Request Chain 1019
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=7386633197929965226
Request Chain 1020
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 1021
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2687056411155449827788
Request Chain 1022
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7386633197929965226
Request Chain 1023
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_8a0f8237-cd03-48f2-b488-4ca53ffb58fd&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4d715134-4d31-4835-964f-77d87de546c4&ssp=gumgum2&expires=30&user_group=5&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1024
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=b140de64-64ac-4112-8973-eb44e56d18b8
Request Chain 1025
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Request Chain 1026
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-PGKCQK9E2pdAlDzV4AAlDMvQtKN6PvFPpnTD~A
Request Chain 1027
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=6adc7340-ca96-462d-b37b-baa1d1730357
Request Chain 1028
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_c053429087de436daa35a
Request Chain 1029
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_8a0f8237-cd03-48f2-b488-4ca53ffb58fd&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=BUe8t8AGKClBFU9g5GxQ
Request Chain 1030
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=K5XH98XlPE9c&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 1031
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6066353311403014312
Request Chain 1033
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQZYJ7Y5-28-J2H9&name=RUBICON&gdpr=0
Request Chain 1034
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VEI1d2NGQW1vVVg4Nmd3Yk1RWS12QQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEEThPMF-T5JUMGZoaLkjQCw&google_cver=1
Request Chain 1035
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504520&nuid=&gdpr_consent=&gdpr=0
Request Chain 1037
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dpdzkvF9rcUoyU1N3YzZ0ZmVsM1NOUjclMkJ6TFclMkJ1cE5UMnRRWDhvbW1vb1AyM1VhdyUzRA%26u%3d%24%7bUSER_ID%7d&gdpr=&consent=&us_privacy=1--- HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=pdzkvF9rcUoyU1N3YzZ0ZmVsM1NOUjclMkJ6TFclMkJ1cE5UMnRRWDhvbW1vb1AyM1VhdyUzRA&u=AAAQHk7LLrYAABaDzK28HA&us_privacy=1---
Request Chain 1038
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=XnlveF9SQXdLc0pzdGowT2tSU3J0Q3NWazZSaXBmR1FmYXNmSFY5YkR5MkYzbktzJTNE&gdpr=&gdpr_consent=&us_privacy=1---&cr_user_id=k-SRwe7merNoMaybDDx98yvvCxluxoHEidqHeFfg HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dcriteo%26user_id%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=criteo&user_id= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=XnlveF9SQXdLc0pzdGowT2tSU3J0Q3NWazZSaXBmR1FmYXNmSFY5YkR5MkYzbktzJTNE&u=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 1039
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=meM3CF9KUzAzcWVSNEwwUHNaajZwaWV3NzRZaGgwcGsxTG5Tclc0R3JRempnVW9NJTNE&gdpr=&gdpr_consent=&us_privacy=1---&cr_user_id=k-SRwe7merNoMaybDDx98yvvCxluxoHEidqHeFfg HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dcriteo%26user_id%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=criteo&user_id= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=meM3CF9KUzAzcWVSNEwwUHNaajZwaWV3NzRZaGgwcGsxTG5Tclc0R3JRempnVW9NJTNE&u=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 1042
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fid%3D%24UID%26gcid%3De2c5298f-8591-4c8b-899c-ce392e353523 HTTP 302
  • https://p2.gcprivacy.com/v3/id/xandr?id=7386633197929965226&gcid=e2c5298f-8591-4c8b-899c-ce392e353523
Request Chain 1045
  • https://um4.eqads.com/um/cs HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=08086e4a-a446-4039-9081-3354ed5f7a34&expiration=1712280520
Request Chain 1046
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr_consent=undefined&gdpr=0&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
Request Chain 1049
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://sync.e-planning.net/um?uid=LQZYJ7Y5-28-J2H9&dc=9bcc91305985f0db&iss=1
Request Chain 1050
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform= HTTP 302
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Request Chain 1056
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adkernel HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adkernel
Request Chain 1057
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=5394353749448417114&gdpr=&gdpr_consent=
Request Chain 1060
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=736096f3-a33b-4e74-a900-147a47dba0f3
Request Chain 1061
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZdbScCo8YIAALvpxfgAAAAA
Request Chain 1062
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=gumgum
Request Chain 1068
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 1069
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=d08b0939-e7dd-47e1-a1ce-13919d351d77
Request Chain 1070
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.5%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=7017468078 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2069.5/7386633197929965226?zcc=0&sspret=1&rndcb=7017468078 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005%26ex%3Drhythmone.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&ex=rhythmone.com
Request Chain 1071
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3474197131523813000V10
Request Chain 1072
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=44e38e5e65
Request Chain 1074
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=A0A7D3915CF44960ACE5E888F4B75986&ex=simpli.fi&status=ok
Request Chain 1075
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2276f7b82e2lucx800lqzyji0f
Request Chain 1076
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=BUe8t8AGKClBFU9g5GxQ
Request Chain 1079
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
Request Chain 1080
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=K5XH98XlPE9c&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 1081
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPU6f38051ae3b444a4aea786afd04874f0&gdpr=0&gdpr_consent=&pid=103
Request Chain 1082
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.80%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=3185113970 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2069.80/7386633197929965226?zcc=0&sspret=1&rndcb=3185113970 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Request Chain 1083
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 1084
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 1085
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1508%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=2520692000 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/1508/7386633197929965226?zcc=0&sspret=1&rndcb=2520692000 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Request Chain 1086
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f7716597-5b45-4000-9fa2-5f3c3f74983b&gdpr=0&gdpr_consent=
Request Chain 1090
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7577045212095128841&uid=Q7577045212095128841&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7577045212095128841
Request Chain 1091
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A0A7D3915CF44960ACE5E888F4B75986&gdpr=0&gdpr_consent=
Request Chain 1093
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A0864502-06A0-4ED8-A79E-7CD263E71299&vxii_pid=12&vxii_pid1=10067&vxii_rcid=70e5b8d9-0bea-4ac0-bd4c-5aacfc8182d1
Request Chain 1098
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1 HTTP 302
  • https://api.retargetly.com/sync?pid=13&sid=736096f3-a33b-4e74-a900-147a47dba0f3
Request Chain 1099
  • https://retargetly-match.dotomi.com/match/bounce/current?networkId=95012&version=1&nuid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c HTTP 302
  • https://app.retargetly.com/sync?pid=72&sid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504521&nuid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Request Chain 1101
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=MTg0NDVhYTAtZTM4Ni00YjcwLTlkOGMtN2FjZDJmYjlkZTRj&google_cm HTTP 302
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEPe8noipGYKtfqtLI0f5Kww&google_cver=1
Request Chain 1102
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2 HTTP 302
  • https://app.retargetly.com/sync?sid=7386633197929965226&pid=2
Request Chain 1103
  • https://cms.analytics.yahoo.com/cms?partner_id=RTGLY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58698/cms?partner_id=RTGLY HTTP 302
  • https://app.retargetly.com/sync?pid=22&sid=y-gHNyHbJE2oK1qE6Ww4EnZ3_6qyViGDR1YpU-~A
Request Chain 1104
  • https://pixel-sync.sitescout.com/connectors/retargetly/usersync?redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7BuserId%7D%26pid%3D23 HTTP 302
  • https://app.retargetly.com/sync?sid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&pid=23
Request Chain 1107
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fpid%3D74%26sid%3D%5Bsas_uid%5D HTTP 302
  • https://app.retargetly.com/sync?pid=74&sid=6066353311403014312
Request Chain 1112
  • https://idsync.rlcdn.com/712188.gif?partner_uid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJnIrlEvHQUxg1cmmRbiEEA&google_cver=1
Request Chain 1120
  • https://pdp-service.retargetly.com/event_collector_cookies HTTP 307
  • https://pdp-service.retargetly.com/event_collector_cookies?redirect=true
Request Chain 1125
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504522
Request Chain 1126
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7386633197929965226&ex=appnexus.com
Request Chain 1127
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 1131
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-tBDgfwlV_hvwp42xPpc4iaEdkY
Request Chain 1132
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZdbQAAMIjwI5QBH
Request Chain 1133
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7898252983751812422
Request Chain 1134
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
Request Chain 1135
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6066353311403014312&gdpr=0&gdpr_consent=
Request Chain 1137
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050728247349171
Request Chain 1138
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZdbPwCgEoqR40X4NR82pgAA%261641 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZdbPwCgEoqR40X4NR82pgAA%261641
Request Chain 1140
  • https://csync.loopme.me/?pubid=11555&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21511&id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Request Chain 1141
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
Request Chain 1142
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212429669350874
Request Chain 1143
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__ HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=BUe8t8AGKClBFU9g5GxQ
Request Chain 1144
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZZdbPwCgEoqR40X4NR82pgAA%261641
Request Chain 1145
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=770043a8-af77-46db-9a99-c38ce904d888
Request Chain 1146
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=b92d9acc-1898-4487-959a-a4caca37df9b
Request Chain 1147
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=A0864502-06A0-4ED8-A79E-7CD263E71299
Request Chain 1148
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=df249810-332b-4610-9690-e25e6d3e931b
Request Chain 1149
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=6066353311403014312&gdpr=0&gdpr_consent=
Request Chain 1150
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=H8B4hBZHEQ_m7NwFTi24NL7-
Request Chain 1151
  • https://ads.stickyadstv.com/user-matching?id=3686&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21517&id=8cde5c648fe156140db5378baffff1b&gdpr_consent=&gdpr=0
Request Chain 1152
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=minutemedia&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 1153
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=VEIznffDDzf1nB7iTMI_&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 1154
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
Request Chain 1155
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=59e9df5d-c912-4e7b-b753-fe5a89a9761c
Request Chain 1156
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=K5XH98XlPE9c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Request Chain 1157
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=2687056411155449827788
Request Chain 1158
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=7386633197929965226
Request Chain 1159
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=c4fec229-13ee-5305-99c3-5f50fc540415
Request Chain 1160
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=7672802496 HTTP 302
  • https://sync.1rx.io/usersync/stackadapt/0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Request Chain 1161
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=f85811dc81870e1d6389bcf2be3bdfa4
Request Chain 1166
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A0864502-06A0-4ED8-A79E-7CD263E71299 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7898252983751812422 HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=0e521442-191b-476e-bd4b-7f1dc324ebc5 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=liveintent&ssp_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-b_TzuFpE2pkUz94wCbmugmxYK_20IX7Yw79exA--~A&expires=5&ssp=liveintent HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 303
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 1168
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
Request Chain 1170
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A0864502-06A0-4ED8-A79E-7CD263E71299 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0ja2yWerNoMaybDDx98yvvCxluwadSIzfOoYOg HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0ja2yWerNoMaybDDx98yvvCxluwadSIzfOoYOg HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=0e521442-191b-476e-bd4b-7f1dc324ebc5 HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=liveintent&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dliveintent%26bsw_param%3Df23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=liveintent&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 1172
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
Request Chain 1175
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A0864502-06A0-4ED8-A79E-7CD263E71299 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7898252983751812422 HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=0e521442-191b-476e-bd4b-7f1dc324ebc5 HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=liveintent&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dliveintent%26bsw_param%3Df23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=liveintent&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 1177
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
Request Chain 1183
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2687056411155449827788
Request Chain 1187
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A0864502-06A0-4ED8-A79E-7CD263E71299 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MTQ3OG5iZm1peENRWENwcjVUcmdocGVGQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5394353749448417114&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 1189
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A0864502-06A0-4ED8-A79E-7CD263E71299&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A0864502-06A0-4ED8-A79E-7CD263E71299&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 1190
  • https://pixel.onaudience.com/?partner=214&mapped=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=b9ea21a0003f74ba HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=b9ea21a0003f74ba HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkVMRWdrY0ZweDE4RFo1VXJIUUp3S3JldFVwVm5ZN3pYc05na2FfVHlqUTA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEHzg1LlU6D52YjScVjTunlU&google_cver=1
Request Chain 1191
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr_consent=undefined&gdpr=0&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQZYJ7Y5-28-J2H9&ex=d-rubiconproject.com&status=ok&gdpr=0&gdpr_consent=undefined
Request Chain 1192
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 1200
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1813050728247349171&expires=30&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1201
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcs.krushmedia.com%2F7fd23a3f0217f27d6c9750c140876344.gif%3Fpuid%3D%24UID&uid=$UID HTTP 302
  • https://cs.krushmedia.com/7fd23a3f0217f27d6c9750c140876344.gif?puid=2687056411155449827788 HTTP 302
  • https://sync.springserve.com/usersync?aid=1917&uuid=1fdb5d7b-30c9-5cb8-86d4-8c47a7462608
Request Chain 1202
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LQZYJ7Y5-28-J2H9&gdpr=0
Request Chain 1203
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7386633197929965226&gdpr=0&gdpr_consent=
Request Chain 1204
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
Request Chain 1222
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
Request Chain 1238
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Request Chain 1249
  • https://tg.socdm.com/rtb/sync?proto=rubicon&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZZdbScCo8YIAALvpxfgAAAAA
Request Chain 1250
  • https://um4.eqads.com/um/rc?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=08086e4a-a446-4039-9081-3354ed5f7a34&expires=30
Request Chain 1251
  • https://sid.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=e70a7824-89af-41a5-a56b-06996c8ccf7d
Request Chain 1252
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=6066353311403014312
Request Chain 1253
  • https://p.rfihub.com/cm?in=1&pub=64&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1813050728247349171&expires=30
Request Chain 1254
  • https://onetag-sys.com/match/?int_id=4&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
Request Chain 1255
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smaato&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.ad.smaato.net/c/?dspId=1001989&dspCookie=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1--- HTTP 302
  • https://www.tumblr.com/ads-user-sync?partner=smaato&uid=44e38e5e65&gdpr=0&gdpr_consent=
Request Chain 1256
  • https://rtb.adentifi.com/CookieSyncRubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31930&nid=2966&put=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11&expires=1825
Request Chain 1257
  • https://dmp.brand-display.com/cm/api/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3ad06018-d1ed-a766-3562c7cc
Request Chain 1258
  • https://sync.adotmob.com/cookie/rubicon?r=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D123034%26nid%3D3956%26put%3D%7Buser_token%7D&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=0a00220400cfc8e2c37e0815&expires=1&gdpr=0
Request Chain 1259
  • https://rcp.c.appier.net/rbcm?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=KFJ8PyxrAC6Nv899R1uXZQ&expires=365
Request Chain 1260
  • https://beacon.lynx.cognitivlabs.com/rb.gif?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=a6cf1cbc-4036-4199-86d7-bf338a8581fc&expires=365&next=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Drubicon%26inventory_source%3D0 HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=rubicon&inventory_source=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=49038&puid=a6cf1cbc-4036-4199-86d7-bf338a8581fc
Request Chain 1261
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=wEAGKYle1Rlz0J5&expires=30&gdpr=0&us_privacy=1---
Request Chain 1262
  • https://s.company-target.com/s/rp?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
Request Chain 1282
  • https://match.sharethrough.com/universal/v1?supply_id=L1gWZthZ HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=86&t=image&uid=c73598e4-19af-4225-ad41-0db5af961cdf
Request Chain 1283
  • https://x.bidswitch.net/sync?ssp=catapultx&user_id=A2580877537250048855 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=catapultx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 1284
  • https://bttrack.com/pixel/cookiesync?source=1f5c0b51-7f88-40e2-9e81-903a3403a7ce HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=79&t=image&uid=d32de12f-65c3-42c1-a39f-1a86978ca970
Request Chain 1288
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24138 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=24138
Request Chain 1294
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-JbJh5b9E2py02Ma9dcmX4lgzhd2t__M0y.s-~A&gdpr=0
Request Chain 1296
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&gdpr=0&gdpr_consent=
Request Chain 1298
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/c7ad65278a0c19aea11723b7364d8a21/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7898252983751812422/gdpr=0
Request Chain 1299
  • https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d0VBR0tZbGUxUmx6MEo1&google_cm HTTP 302
  • https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEE2qxcdLZRh-zIaR9-SIwds&google_cver=1
Request Chain 1321
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJBL6Mm5l35V6yzYDheCjpk&google_cver=1&google_push=AXcoOmSEfaPNYaT_lkbTVjW0L52wibD5ik7ajZeuTnk5PlJxibJRNoBRZU888CB6F20_o7qB0D4iCGgO0aeKz2_MWhuqkf3cB4HH_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YWZjMWM5ZDctMDk1Mi00OGQyLTkzNDYtNDlkNjFjNWUxZTc3&google_gid=CAESEJBL6Mm5l35V6yzYDheCjpk&google_cver=1&google_push=AXcoOmSEfaPNYaT_lkbTVjW0L52wibD5ik7ajZeuTnk5PlJxibJRNoBRZU888CB6F20_o7qB0D4iCGgO0aeKz2_MWhuqkf3cB4HH_A
Request Chain 1322
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECC_wCIIn-_-3YZLeMqTGF4&google_cver=1&google_push=AXcoOmTgC-CNbu7lOXNWsWVo2GghzbuQpJXyJPd1llTBcTmry7AMUAu1vkzadY7uWQNlZaTKlWRjdcOpazFlGL4DSEMvNkJH-bfi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTgC-CNbu7lOXNWsWVo2GghzbuQpJXyJPd1llTBcTmry7AMUAu1vkzadY7uWQNlZaTKlWRjdcOpazFlGL4DSEMvNkJH-bfi&google_hm=eS1BN1FRNVk1RTJwRVBPYWIuUE12aVZSemVXZWZVVFRkM35B
Request Chain 1323
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT-OXRr_3naXrif6eeLbJvOQBdACf1ntO-ZKQ1v9FHnLCc8GDT3wJ-K06_RMnOxeplRDPLwQKaplwfhtWfz2NlZD6vmFUzzWg&google_gid=CAESEPH8hlACQ7kyvYRf9xcwb1Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-3e6YZ2erNoMaybDDx98yvvCxluws6vR5pClOqw&google_push=AXcoOmT-OXRr_3naXrif6eeLbJvOQBdACf1ntO-ZKQ1v9FHnLCc8GDT3wJ-K06_RMnOxeplRDPLwQKaplwfhtWfz2NlZD6vmFUzzWg
Request Chain 1324
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGFDxITmVHlA3mpFcPEJl8o&google_cver=1&google_push=AXcoOmShD1wYa52J6wBLSL5bEQ_YOh2cOhYYVVPUJXhgUhXF5zH8wRY0PXaStBgAvOzd2kXYz9Vuoxw0AbR65pjMGzQmNQLsogVLHw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmShD1wYa52J6wBLSL5bEQ_YOh2cOhYYVVPUJXhgUhXF5zH8wRY0PXaStBgAvOzd2kXYz9Vuoxw0AbR65pjMGzQmNQLsogVLHw&google_hm=QlVlOHQ4QUdLQ2xCRlU5ZzVHeFE=
Request Chain 1325
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEAGgGkNBWe5Im6b0jgHyFUs&google_cver=1&google_push=AXcoOmReO_54jgLKwwFvkvYv8KiQud44f1yEQosKaFmieOTqhs57EGnyl-jnOT9AIo0IlvOyWZ95O_JMKioG46mPzTJ6Eag08PaAetQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MzZmOWY1Zjc1OTA1ZTA4&google_push=AXcoOmReO_54jgLKwwFvkvYv8KiQud44f1yEQosKaFmieOTqhs57EGnyl-jnOT9AIo0IlvOyWZ95O_JMKioG46mPzTJ6Eag08PaAetQ
Request Chain 1326
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEF6X5kj7sES0pqBY6XtIoW0&google_cver=1&google_push=AXcoOmTj9rDjrbpAJtq3rNTKo_R0_SQJrWf5YhnxYjKG_DVoYEpX7q-fw088MUGyTv2HN0r6x-G9vUBk39gUW_d7EoFEyHjNNZJ-pMI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTj9rDjrbpAJtq3rNTKo_R0_SQJrWf5YhnxYjKG_DVoYEpX7q-fw088MUGyTv2HN0r6x-G9vUBk39gUW_d7EoFEyHjNNZJ-pMI&google_hm=746ded2276f7b82e2lucx800lqzyji0f
Request Chain 1337
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24138&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=84&t=image&uid=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Request Chain 1396
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5394353749448417114
Request Chain 1397
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ia1CK4r6TyqSrEslj69Wf939TnqSqBp_3anUfAhW
Request Chain 1398
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3Df23bd312-5bb6-424a-95e9-d15220f0e7dc%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=0e9edc1031de420496b7be83175ae78d&ssp=openx&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1399
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1813050728247349171
Request Chain 1400
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=A0A7D3915CF44960ACE5E888F4B75986
Request Chain 1401
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=46cba690-7b63-4335-ac8e-07afa7abd811 HTTP 303
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=0e521442-191b-476e-bd4b-7f1dc324ebc5&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 303
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=0e521442-191b-476e-bd4b-7f1dc324ebc5
Request Chain 1423
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Request Chain 1424
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D750708%26a%3D754412%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3474197131523813000V10&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=750708&a=754412&domain=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Request Chain 1427
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F HTTP 303
  • https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=5394353749448417114&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=709112&a=743293&domain=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Request Chain 1433
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=59e9df5d-c912-4e7b-b753-fe5a89a9761c&ssp=themediagrid&us_privacy=1---
Request Chain 1434
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=VEIznffDDzf1nB7iTMI_&gdpr=&gdpr_consent=&us_privacy=1---
Request Chain 1445
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=26efbc08ee844f3d81569a7655eb8db1
Request Chain 1448
  • https://tr.blismedia.com/v1/api/sync/openx HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=65975B48E0C2A3AB74921F42BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D65975B48E0C2A3AB74921F42BLIS HTTP 302
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=65975B48E0C2A3AB74921F42BLIS HTTP 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia HTTP 302
  • https://tr.blismedia.com/v1/dpusync/6?uid=LQZYJ7Y5-28-J2H9
Request Chain 1449
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504534&nuid={OX_USER_ID}
Request Chain 1450
  • https://px.owneriq.net/eox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7577045212095128841P
Request Chain 1451
  • https://rtb.adentifi.com/CookieSyncOpenX HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
Request Chain 1452
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D%7BOPENX_ID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=4f460ba9-d9c6-40da-9953-454edfe3e1c2 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662087854649738
Request Chain 1453
  • https://sync.1rx.io/usersync/openx/d54b6a76-370c-4b2f-bee5-a2418b855582 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Request Chain 1454
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?val=AAAQHk7LLrYAABaDzK28HA&id=537125688
Request Chain 1456
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CAB_10EC9D625_96FC73C6
Request Chain 1457
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=wEAGKYle1Rlz0J5
Request Chain 1460
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&dongle=4430
Request Chain 1461
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=6adc7340-ca96-462d-b37b-baa1d1730357&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 1465
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAAQHk7LLrYAABaDzK28HA&dongle=bzwx&gdpr=0
Request Chain 1466
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504534&gdpr_consent=&gdpr=0
Request Chain 1467
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 1469
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEPrb84b2eii1lpp15gN_TUQ&google_cver=1
Request Chain 1470
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQZYJ7Y5-28-J2H9
Request Chain 1472
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=8538124443
Request Chain 1476
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D%7BOPENX_ID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=4f460ba9-d9c6-40da-9953-454edfe3e1c2 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662087854649738
Request Chain 1477
  • https://sync.1rx.io/usersync/openx/d54b6a76-370c-4b2f-bee5-a2418b855582 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Request Chain 1478
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?val=AAAQHk7LLrYAABaDzK28HA&id=537125688
Request Chain 1480
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CAB_10EC9D625_96FC73C6
Request Chain 1481
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=wEAGKYle1Rlz0J5
Request Chain 1486
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4d715134-4d31-4835-964f-77d87de546c4&ssp=taboola&expires=30&user_group=5&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 1487
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-Nxe5n_VE2uHbjxGaL_QMu55nR.2k4XoM~A&gdpr_in_effect=0
Request Chain 1490
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%23PMUID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Request Chain 1492
  • https://ssc-cms.33across.com/ps/?_=1704418134458.&ri=0010b00002T3JniAAF&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=304056&extuid=212429669350874&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=488210&a=304056&domain=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Request Chain 1493
  • https://cs.admanmedia.com/ad78321e103d19bf85068e7bf407c77f.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D121%26us_privacy%3D%26xu%3D%5BUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=121&us_privacy=&xu=b92d9acc-1898-4487-959a-a4caca37df9b
Request Chain 1494
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc1MDI2NzU4Mi90LzI/url/https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D44%26ts%3D1704418134458.3%26us_privacy%3D%26xu%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=44&ts=1704418134458.3&us_privacy=&xu=7898252983751812422 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=44&external_user_id=7898252983751812422&ts=1704418134&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1495
  • https://sync.1rx.io/usersync2/33across?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Request Chain 1496
  • https://csync.loopme.me/?pubid=11575&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D122%26us_privacy%3D%26xu%3D%7Bviewer_token%7D HTTP 307
  • https://ssc-cms.33across.com/ps/?xi=122&us_privacy=&xu=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=null&gdpr=0
Request Chain 1497
  • https://pxl.iqm.com/i/ck/ttacross?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D123%26ts%3D1704418134458.6%26us_privacy%3D%26xu%3D%5BPUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=123&ts=1704418134458.6&us_privacy=&xu=a1113839-bfab-4664-9a61-231408946c0d HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=123&external_user_id=a1113839-bfab-4664-9a61-231408946c0d&ts=1704418135&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1498
  • https://cs.mobfox.com/4601c426c7c74dd7172eb80111ccb2bf.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D126%26us_privacy%3D%26xu%3D%5BUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=126&us_privacy=&xu=cf3a1f96-0f85-4c9a-95cf-17897e8f8f7f
Request Chain 1507
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Request Chain 1508
  • https://id5-sync.com/s/286/9.gif?puid=48de1664-fb49-47b7-b409-1zz1704418099&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BID5UID%7D HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F441%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/441/8/2.gif?puid=u_8a0f8237-cd03-48f2-b488-4ca53ffb58fd&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/286/429/7/3.gif?puid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAAQHk7LLrYAABaDzK28HA&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/286/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/2/5/5.gif?puid=7386633197929965226&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F203%2F4%2F6.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/286/203/4/6.gif?puid=8b8293d3-9878-4b12-9ae2-54436c2413c7&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F3%2F7.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F3%2F7.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/286/124/3/7.gif?puid=4865ca2b-af3b-4ab5-b1cc-eb965768646e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/108/2/8.gif?puid=4997edfe-4ce1-4693-848f-c8b66f02f74e&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F434%2F1%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/286/434/1/9.gif?puid=770043a8-af77-46db-9a99-c38ce904d888&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F796%2F0%2F10.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/796/0/10.gif?puid=6adc7340-ca96-462d-b37b-baa1d1730357&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA
Request Chain 1509
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&euconsent=&domain=sync.richaudience.com
Request Chain 1513
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/6066353311403014312
Request Chain 1516
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7386633197929965226
Request Chain 1517
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
Request Chain 1518
  • https://cm.smadex.com/sync?sm_p=rbc&sm_r=rbc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=006b79a6-e17b-428f-a319-4028618a9396&expires=30
Request Chain 1519
  • https://id5-sync.com/i/175/9.gif?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=16829&nid=2820&put=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA
Request Chain 1520
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16466&gdpr=0&us_privacy=1--- HTTP 302
  • https://usync.vrtcal.com/o?xs=1624&did=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
Request Chain 1522
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQZYJ7Y5-28-J2H9?gdpr=0
Request Chain 1527
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/e337b882-7cdc-47da-a87d-3c455381b18c
Request Chain 1528
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/H8B4hBZHEQ_m7NwFTi24NL7-
Request Chain 1532
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/5394353749448417114
Request Chain 1534
  • https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/adwmg/5a3c3256-d9f2-4367-85f1-32f976afad14
Request Chain 1535
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9 HTTP 302
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
Request Chain 1539
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D529070%26a%3D297253%26domain%3Dstaradvertiser.com HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7386633197929965226&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=529070&a=297253&domain=staradvertiser.com
Request Chain 1540
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D603469%26a%3D307558%26domain%3Dstaradvertiser.com HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c95c11bf-b46f-4d09-bc4a-c5473e8fb6fe&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=603469&a=307558&domain=staradvertiser.com
Request Chain 1543
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D736651%26a%3D751004%26domain%3Dstaradvertiser.com HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7386633197929965226&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=736651&a=751004&domain=staradvertiser.com
Request Chain 1544
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D746141%26a%3D753378%26domain%3Dstaradvertiser.com HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=75d3231a-8b28-476c-856f-1982c6c9795b&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=746141&a=753378&domain=staradvertiser.com
Request Chain 1545
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484067%26a%3D310570%26domain%3Dstaradvertiser.com HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=H8B4hBZHEQ_m7NwFTi24NL7-&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=484067&a=310570&domain=staradvertiser.com
Request Chain 1546
  • https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID HTTP 302
  • https://sync.lunamedia.live/psync?t=s&e=255&cb=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001875%26dspCookie%3D%25USER_ID%25%26gdpr%3D0%26gdpr_consent%3D[GDPR_CONSENT]
Request Chain 1549
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D44917234a27bfa53 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dc=0abbcb4eba840e59&fi=44917234a27bfa53
Request Chain 1550
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D44917234a27bfa53 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=K5XH98XlPE9c&dc=66b7ef4184d94c10&fi=44917234a27bfa53&ev=1&us_privacy=${us_privacy}&pid=562965
Request Chain 1553
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D44917234a27bfa53%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=44917234a27bfa53&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
Request Chain 1555
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D44917234a27bfa53%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=44917234a27bfa53&uid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504535
Request Chain 1556
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D44917234a27bfa53 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=48de1664-fb49-47b7-b409-1zz1704418099&dc=fabfd6762b833237&fi=44917234a27bfa53
Request Chain 1557
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D44917234a27bfa53%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=44917234a27bfa53&uid=7386633197929965226
Request Chain 1558
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D44917234a27bfa53%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=44917234a27bfa53&uid=770043a8-af77-46db-9a99-c38ce904d888
Request Chain 1559
  • https://rtb.om-meta.com/csync?exchange=41cd7873289762a3cc93a994250371cf1cd20569&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dbe1f3f8d2283c058%26fi%3D44917234a27bfa53%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=44917234a27bfa53&uid=0b933d13-66e8-4296-b3ac-45af853fa0a0
Request Chain 1560
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D44917234a27bfa53%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=44917234a27bfa53&uid=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
Request Chain 1561
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=c73598e4-19af-4225-ad41-0db5af961cdf&dc=769fefa8321c94fb&iss=1
Request Chain 1562
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D44917234a27bfa53 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=csuid_26dad347-6267-48c3-bca3-bbebb7a0b2e4&dc=b337141cfdc8cf59&fi=44917234a27bfa53
Request Chain 1563
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3D44917234a27bfa53 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=1e2c6b9b-b313-4977-8d47-506b6f116205&dc=d015773253e1640b&fi=44917234a27bfa53
Request Chain 1564
  • https://x.bidswitch.net/sync?ssp=eplanning HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0cab6805-c694-4a0f-a9f1-3fc892c60190&ssp=eplanning
Request Chain 1565
  • https://cm-x.mgid.com/7c66bfc34cae8636a9aefaf68cb9041c.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3D98bd04598763300f%26fi%3D44917234a27bfa53 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=75d3231a-8b28-476c-856f-1982c6c9795b&dc=98bd04598763300f&fi=44917234a27bfa53
Request Chain 1566
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7Bym_user_id%7D%26dc%3Ddbfd729d40c9c3fc%26fi%3D44917234a27bfa53 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=ym_user_f42d1ad0-05e4-4bec-8277-d0223c159ff3&dc=dbfd729d40c9c3fc&fi=44917234a27bfa53
Request Chain 1567
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=2635782203
Request Chain 1568
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 1571
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A0A7D3915CF44960ACE5E888F4B75986
Request Chain 1572
  • https://rtb.adentifi.com/CookieIndex HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
Request Chain 1573
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0cab6805-c694-4a0f-a9f1-3fc892c60190&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1574
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f7716597-5b45-4000-9fa2-5f3c3f74983b&gdpr=&gdpr_consent=
Request Chain 1576
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZdbPwCgEoqR40X4NR82pgAA%261641&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=736096f3-a33b-4e74-a900-147a47dba0f3
Request Chain 1577
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=BUe8t8AGKClBFU9g5GxQ
Request Chain 1578
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZZdbPwCgEoqR40X4NR82pgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087854649738
Request Chain 1614
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=A0A7D3915CF44960ACE5E888F4B75986&dongle=yf3
Request Chain 1615
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
Request Chain 1616
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7898252983751812422&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 1617
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=3WRHdd4zSnTGZU5722ZTIYk0SyTGYR8hiWAK5ee3
Request Chain 1618
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=f7716597-5b45-4000-9fa2-5f3c3f74983b&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 1619
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZZdbQAAMIjwI5QBH&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 1620
  • https://s.company-target.com/s/tlx?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8804%26xuid%3D%7Bxuid%7D%26dongle%3D6aix HTTP 302
  • https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
Request Chain 1621
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=wEAGKYle1Rlz0J5&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 1622
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6547&xuid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Request Chain 1623
  • https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
Request Chain 1625
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=6adc7340-ca96-462d-b37b-baa1d1730357
Request Chain 1626
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=b140de64-64ac-4112-8973-eb44e56d18b8
Request Chain 1627
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Request Chain 1630
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=A0A7D3915CF44960ACE5E888F4B75986&dongle=yf3
Request Chain 1631
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
Request Chain 1632
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7898252983751812422&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 1633
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=3WRHdd4zSnTGZU5722ZTIYk0SyTGYR8hiWAK5ee3
Request Chain 1634
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=f7716597-5b45-4000-9fa2-5f3c3f74983b&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 1635
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZZdbQAAMIjwI5QBH&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 1636
  • https://s.company-target.com/s/tlx?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8804%26xuid%3D%7Bxuid%7D%26dongle%3D6aix HTTP 302
  • https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
Request Chain 1637
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=wEAGKYle1Rlz0J5&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 1638
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6547&xuid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Request Chain 1639
  • https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
Request Chain 1641
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZdbScCo8YIAALvpxfgAAAAA
Request Chain 1642
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=gumgum
Request Chain 1643
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D629501%26t%3Dimage%26uid%3D HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=629501&t=image&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
Request Chain 1644
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=7386633197929965226
Request Chain 1645
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 1647
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=736096f3-a33b-4e74-a900-147a47dba0f3
Request Chain 1648
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adkernel HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adkernel
Request Chain 1660
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 1689
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOABAetaFdJfY7IFGo4nLdY&google_cver=1&google_push=AXcoOmTck6SzbOtBq7cgzlm08ZvgvRJLc9uaSs_F7EZcKXD5TdwTI_QrA_WLQj_qDdFFGj2LtkrKLouID8yWkJwSkY9ovODU5UHchQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpkYlFBQU1JandJNVFCSA==&google_gid=CAESEOABAetaFdJfY7IFGo4nLdY&google_cver=1&google_push=AXcoOmTck6SzbOtBq7cgzlm08ZvgvRJLc9uaSs_F7EZcKXD5TdwTI_QrA_WLQj_qDdFFGj2LtkrKLouID8yWkJwSkY9ovODU5UHchQ
Request Chain 1690
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECC_wCIIn-_-3YZLeMqTGF4&google_cver=1&google_push=AXcoOmReALEMZ_yy1rco9ecs-22K_P25gi6bYjNPPKD1UyJimLUT8jXTqsfaj2uinAIqi002aGOS1U8oyTWVYRP4E_0CL1bUjpA9PA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmReALEMZ_yy1rco9ecs-22K_P25gi6bYjNPPKD1UyJimLUT8jXTqsfaj2uinAIqi002aGOS1U8oyTWVYRP4E_0CL1bUjpA9PA&google_hm=eS1BN1FRNVk1RTJwRVBPYWIuUE12aVZSemVXZWZVVFRkM35B
Request Chain 1691
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMqghldNzNQFuu6-coOlr5s&google_cver=1&google_push=AXcoOmQYLMWZVqyMV_vpAGf7q30o_FSGCPwXEGkvU6XEgeSCyhClT0wIZQg8DmhMUuaKkfREDgTrJ2K0VKf-ZNx2HYabyCRRh7LsOQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQYLMWZVqyMV_vpAGf7q30o_FSGCPwXEGkvU6XEgeSCyhClT0wIZQg8DmhMUuaKkfREDgTrJ2K0VKf-ZNx2HYabyCRRh7LsOQ&google_hm=mSvwKOU_wGoIfLce_iQjRA==
Request Chain 1692
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGFDxITmVHlA3mpFcPEJl8o&google_cver=1&google_push=AXcoOmSsmGgrfbDJoJ_F_G3eSunfshhLo_xYvRFaOQsnOv0F4EhTxwWTomBzfPGx5bHXaCr5xOHpHOxFGMSFspwASw79akkvkLG9lw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSsmGgrfbDJoJ_F_G3eSunfshhLo_xYvRFaOQsnOv0F4EhTxwWTomBzfPGx5bHXaCr5xOHpHOxFGMSFspwASw79akkvkLG9lw&google_hm=QlVlOHQ4QUdLQ2xCRlU5ZzVHeFE=
Request Chain 1693
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECemyniuPJpgJFg_geX-kIU&google_cver=1&google_push=AXcoOmTL57zc_GuzeBoGbns-b_irrQPdNI9VcAf3O21wFclZ8xuOO7re1BsWysk8QHf22qiNMzHoCGq-mOYKdCq4Bl0sM6qfNIQTlQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECemyniuPJpgJFg_geX-kIU&google_hm=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&google_nid=index&google_push=AXcoOmTL57zc_GuzeBoGbns-b_irrQPdNI9VcAf3O21wFclZ8xuOO7re1BsWysk8QHf22qiNMzHoCGq-mOYKdCq4Bl0sM6qfNIQTlQ
Request Chain 1694
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEGGVm8NNlv91EGMLquulxIE&google_cver=1&google_push=AXcoOmSRR-pu0vHdYdU-ki_qeelPPQNlc7o0p02k5nfw47jWzKSNtrZXAqTdcKxHmDDEej9J6o8R7jTZaxXKGInu4TW0hB6fRvrIZw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTAzZjg3MmY2NTZmNGE3MmEzNTYzYTNlNjc3M2Y3YTg%3D&UIDF=CAESEGGVm8NNlv91EGMLquulxIE&google_cver=1&google_push=AXcoOmSRR-pu0vHdYdU-ki_qeelPPQNlc7o0p02k5nfw47jWzKSNtrZXAqTdcKxHmDDEej9J6o8R7jTZaxXKGInu4TW0hB6fRvrIZw
Request Chain 1701
  • https://gcdn.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/7A16D8E620C57D0A127EE629401CBE20196664AF.877E53C3F8BE58E9753742E30EB34C16AEA4E744/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-q4fzen7e.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2A9A063A849C8B7BC9B017466AC1E89469673115.47A8E1B058D48CC9D84F8DA2B5C75A77B106E9DA/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::7/mm/42/mn/sn-q4fzen7e/ms/onc/mt/1704417316/mv/u/mvi/3/pl/48/file/file.mp4
Request Chain 1704
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=6adc7340-ca96-462d-b37b-baa1d1730357&gdpr=0
Request Chain 1707
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZdbQAAMIjwI5QBH/gdpr=0
Request Chain 1708
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=699697667 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7386633197929965226/gdpr=0/rand=699697667
Request Chain 1709
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=c7ad65278a0c19aea11723b7364d8a21&custom=&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=c7ad65278a0c19aea11723b7364d8a21&custom=&tag_format=img&tag_action=sync&final=true&reqid=cc6b3d80-ab69-11ee-8cd9-af990b1684b3&timestamp=2024-01-05T01%3A28%3A58.457Z HTTP 302
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=7386633197929965226&tag_format=img&tag_action=sync HTTP 302
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=cc741720-ab69-11ee-8617-cd9cfcea2df3?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=c7ad65278a0c19aea11723b7364d8a21&tag_format=img&tag_action=sync&cb=652303031 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=736096f3-a33b-4e74-a900-147a47dba0f3&tag_format=img&tag_action=sync&cb= HTTP 302
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=cc741720-ab69-11ee-8617-cd9cfcea2df3&cb=1704418138909&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1704418138909 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=69b8b48a-60c1-4f84-9ab7-2102c2a0b21a&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704418138909 HTTP 302
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=ccf3ce70-ab69-11ee-8ead-abde2e6f7d25
Request Chain 1710
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=59e9df5d-c912-4e7b-b753-fe5a89a9761c&dongle=31ac&gdpr=0&gdpr_consent=
Request Chain 1712
  • https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent= HTTP 307
  • https://eb2.3lift.com/xuid?mid=6126&xuid=d08b0939-e7dd-47e1-a1ce-13919d351d77&dongle=9e4f&gdpr
Request Chain 1713
  • https://event.hgrtb.com/sync/triplelift?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmfuid%26dongle%3D8f7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=7666&xuid=12391b1a-2bfc-428a-9b80-5e93db9b32f7&dongle=8f7
Request Chain 1714
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7414&xuid=1813050728247349171&dongle=U48
Request Chain 1715
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3DK5XH98XlPE9c%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=2636&xuid=K5XH98XlPE9c&dongle=8bee&gdpr=0&gdpr_consent=
Request Chain 1716
  • https://trc.taboola.com/sg/TripleliftSCoD/1/cm?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7772%26xuid%3D%3CTUID%3E%26dongle%3Dtbla HTTP 302
  • https://eb2.3lift.com/xuid?mid=7772&xuid=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&dongle=tbla
Request Chain 1717
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab HTTP 302
  • https://eb2.3lift.com/xuid?mid=3396&xuid=e70a7824-89af-41a5-a56b-06996c8ccf7d&dongle=c7e1
Request Chain 1718
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7354&xuid=5394353749448417114&dongle=AD20&gdpr=0&gdpr_consent=
Request Chain 1719
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_c053429087de436daa35a&dongle=fg7
Request Chain 1728
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://u.4dex.io/setuid?bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
Request Chain 1740
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=sonobi&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Request Chain 1741
  • https://idsync.rlcdn.com/711892.gif?partner_uid=770043a8-af77-46db-9a99-c38ce904d888 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=736096f3-a33b-4e74-a900-147a47dba0f3
Request Chain 1742
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NzcwMDQzYTgtYWY3Ny00NmRiLTlhOTktYzM4Y2U5MDRkODg4 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIk7fdlB9ogQimS7TR93pzw&google_cver=1
Request Chain 1743
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e315a43aa9&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=736096f3-a33b-4e74-a900-147a47dba0f3&pubid=e315a43aa9
Request Chain 1745
  • https://id5-sync.com/s/434/9.gif?puid=770043a8-af77-46db-9a99-c38ce904d888&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7386633197929965226&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F8%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5
Request Chain 1748
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050728247349171
Request Chain 1749
  • https://t.adx.opera.com/pub/sync?pubid=pub9935550313792 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nuid=OPU6f38051ae3b444a4aea786afd04874f0&nw=oa
Request Chain 1750
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=sonobi
Request Chain 1753
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=770043a8-af77-46db-9a99-c38ce904d888&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=K5XH98XlPE9c
Request Chain 1754
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=770043a8-af77-46db-9a99-c38ce904d888 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%26rnd%3D-1575401367&pcid=$UID
Request Chain 1755
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=-tBDgfwlV_hvwp42xPpc4iaEdkY

1750 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/ 		166 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
774fc53f86ad35963760b5818e4b49723c85094aaf8c5191bc996f6962b279d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.staradvertiser.com/wp-api/>; rel="https://api.w.org/" <https://www.staradvertiser.com/wp-api/wp/v2/posts/1300053>; rel="alternate"; type="application/json" <https://www.staradvertiser.com/?p=1300053>; rel=shortlink
pragma
no-cache
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 49
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ 		235 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:5800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5028b25c9d02b53eb0b828dd37159d5c943231d4281f2d804ca600acafd24ac7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
lN4UD1fsLjg0nMGsn51lb06xp0ch0r6m
content-encoding
br
via
1.1 46dd9daa6209c4a2b51ec7ba64ab699e.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 00:56:33 GMT
last-modified
Thu, 30 Nov 2023 21:16:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
age
1936
x-amz-server-side-encryption
AES256
etag
W/"34d381d59454f254a26b731471617db8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, public
x-amz-cf-id
-mHlaBePLw9o7kCy8sU_KSRL9kFmXQs_mgbC8-zMyogddwpPVMI3-w==
pubcid.min.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Nov 2020 19:41:56 GMT
server
cloudflare
age
3839648
etag
W/"5faee184-e358"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf3b63b3cd-MIA
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
878
age
3163434
cdn-cachedat
09/04/2022 07:20:45
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"450fc463b8b1a349df717056fbb3e078"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9b06d93d607cff4a6b485d68bf88a0d2
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8407f1bf1d1a4bff-MIA
cdn-requestpullsuccess
True
sa-style-2018.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/ 		68 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.95
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
95133d31389701ca9c8f34810522a3129d3d54a131c0c47b4cb9d3d804e709e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 21:13:53 GMT
server
cloudflare
age
4290346
etag
W/"6529b311-11135"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf0acdb3cd-MIA
alt-svc
h3=":443"; ma=86400
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1418:a000:9::1728:6309 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e21905907ebc8b9e9b699bf737d869dbeee6d57395af684dfd471bdc85711a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 05 Jan 2024 01:28:24 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
584802
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2F50PINbY2kso1BrcoAbI7ThlITllQGW0SjE6yOIKpXEdu9SyYuhNKxj%2FENOHYWhstuuFf3LJxd83ZUbZnd594rbz7gstbjO%2B2Ft%2FzwxiEmLbIwmo8q6%2FUC6ajhVXj2b4IX%2FrhnWXafCzBLMagjhMtjH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8407f1bf1e55dacd-MIA
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 23:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 23:53:27 GMT
adblockDetector.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/adblockerdetector/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/adblockerdetector/adblockDetector.js?v=1704417737
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d114053b0734a32984149e572c5886d065dfe4bcc4c0ab76334dcc6d3662ccc5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Sep 2022 00:15:33 GMT
server
cloudflare
etag
W/"630ff9a5-3592"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf3b6eb3cd-MIA
alt-svc
h3=":443"; ma=86400
adblockerTrigger.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/adblockerdetector/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/adblockerdetector/adblockerTrigger.js?v=1704417737
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
040bda449c7b5d1c35fc5b4df99c7540cf7c81e2670ce7463e4894b65c745681

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 01 May 2023 19:41:18 GMT
server
cloudflare
etag
W/"645015de-cb1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf3b66b3cd-MIA
alt-svc
h3=":443"; ma=86400
chartbeat_mab.js
static.chartbeat.com/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:3a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:18:27 GMT
content-encoding
gzip
via
1.1 341de8df4217bc427eae27ed066ab4ce.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:18:23 GMT
server
nginx
x-amz-cf-pop
IAD55-P2
age
22198
etag
W/"6583925f-5f13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
uZK6WVCAV6wSlQ5Ox-UcKPoL1IA1E942U9b5xgQVyUIp2EubVwmdHQ==
expires
Fri, 05 Jan 2024 19:18:27 GMT
ZoPFXSjg.js
content.jwplatform.com/libraries/ 		120 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/libraries/ZoPFXSjg.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:5800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
7e69dfd995bac9daa3974277921a44b864a0210e324cafe4a3d7f463969d83eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:26:17 GMT
content-encoding
gzip
via
1.1 b3bc6011219d758c8763878f39b43b9e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
IAD61-P1
age
127
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
44759
x-amz-cf-id
RgJhHuIr4L82AdMwkdAMNZqHbkvAZaGZEVPqa3pOnUmuI5kUkESIOA==
hsa-jwplayer.cmd-hsa-minified.1601588720.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/hsa-jwplayer.cmd-hsa-minified.1601588720.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Oct 2020 21:45:24 GMT
server
cloudflare
age
3839648
etag
W/"5f764df4-2eb2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf3b6ab3cd-MIA
alt-svc
h3=":443"; ma=86400
sa-jwplayer.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/ 		2 KB
925 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
3839648
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf0acab3cd-MIA
alt-svc
h3=":443"; ma=86400
load.js
s.ntv.io/serve/ 		654 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.7.17.42 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-17-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
07d0084f1697727f6f7f9d76c00d2ef5bdfea6824dc3c4e481fa1cb33bc6c4c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:25 GMT
Content-Encoding
gzip
x-amz-request-id
FEK0RDYHKE7Z93HR
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
INNOuqs4RHJJLlqBcXtZQOirAsPPMe6jhMkafwADn/JVC9pf7hK4E4CHlrXg4NNSYK9b0Vt/SD8=
Last-Modified
Thu, 04 Jan 2024 21:58:11 GMT
Server
AmazonS3
ETag
"ca860bb913967c129a86f12155f1d1dd"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:f200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6236fce15e28a3bdfdd1f8b3a6c11c84e436ba55b1302ff9b74c092f4cdce020

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
Q.6KMWB1hh0v_qt5FKjeH65CwXAmwK66
content-encoding
br
via
1.1 15cde442051269a0307a638d23683c8c.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 01:28:09 GMT
x-amz-cf-pop
IAD79-C3
age
16
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 04 Jan 2024 07:08:30 GMT
server
AmazonS3
etag
W/"07f3938a6d3d9b74271b79795756b348"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
aJYhMK7MLXeWXTQIVC5kfECAjMl6GmzBI3RIe-80CsR3I6op8rp_jQ==
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
product.instiengage.com/product-loader-code/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/product-loader-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2009:6c00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a9586a5c708e789646acde6bff4314e54a5851a359ef62627d5a4f3b931719a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qyBDNN18QzZ974Sz3i1ulfXygxBfdzbc
content-encoding
gzip
via
1.1 6558ca49ea7de7f93b4e2fdd32251fce.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 01:24:56 GMT
last-modified
Mon, 11 Dec 2023 13:40:35 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C2
age
210
x-amz-server-side-encryption
AES256
etag
W/"9f0d012373b6968787df123f2957b22f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600,public
x-amz-cf-id
RBxpulptyJPZdfl04AC27UPOYW10p2jfwzZY6S0MC-AJ3vvOtlReNg==
optimize.js
www.googleoptimize.com/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-KLPLN2M
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
664bc8ccfc5ad7b1bc1b8ab12a8d5b5b3e84e588c5ed632712ed168c47bf9750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66718
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Jan 2024 01:28:24 GMT
usprivacy-string.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		1 KB
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/usprivacy-string.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
cloudflare
age
4472540
etag
W/"5e2b4233-4e0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf1befdb2d-MIA
alt-svc
h3=":443"; ma=86400
uspapi.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
cloudflare
age
3860475
etag
W/"5e2b4233-1158"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf3b75b3cd-MIA
alt-svc
h3=":443"; ma=86400
uspapi_call.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi_call.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
cloudflare
age
3860475
etag
W/"5e2b4233-899"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf3b72b3cd-MIA
alt-svc
h3=":443"; ma=86400
script.js
powerad.ai/ 		211 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/script.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.34.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-34-84.compute-1.amazonaws.com
Software
/ Express
Resource Hash
be086e9225341350b89cfd52373ad707a4bb2102deca062edefd4d42a4046a98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
gzip
last-modified
Thu, 04 Jan 2024 19:40:50 GMT
x-powered-by
Express
etag
W/"34bb2-18cd5fe1f47"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
polyfill.min.js
polyfill.io/v2/ 		103 B
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 01:28:24 GMT
age
1422933
detected-user-agent
Chrome/120.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
common.cmd-hsa-minified.1569273721.css
staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/css/ 		502 B
541 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=6.3.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
cloudflare
age
3864130
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf0ab4b3cd-MIA
alt-svc
h3=":443"; ma=86400
style.min.css
staradvertiser.wpenginepowered.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jul 2023 11:13:55 GMT
server
cloudflare
age
4194321
etag
W/"64b7c573-19824"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf0ab8b3cd-MIA
alt-svc
h3=":443"; ma=86400
vfb-style.min.css
staradvertiser.wpenginepowered.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
cloudflare
age
3671588
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf0abbb3cd-MIA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5df95beb48c2a9328ce73efa2da922f8449cb281d7b22c46b2632d1f2ec96361
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:36:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 01:28:24 GMT
genericons.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
4293560
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf0abfb3cd-MIA
alt-svc
h3=":443"; ma=86400
style.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/ 		0
409 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
3825101
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1bf0ac5b3cd-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
facets.min.css
staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
536 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
4026099
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf0ac7b3cd-MIA
alt-svc
h3=":443"; ma=86400
jquery.min.js
staradvertiser.wpenginepowered.com/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 May 2023 11:33:35 GMT
server
cloudflare
age
3860475
etag
W/"6470990f-155ba"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf3b5ab3cd-MIA
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
staradvertiser.wpenginepowered.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
age
4115648
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf3b55b3cd-MIA
alt-svc
h3=":443"; ma=86400
common.cmd-hsa-minified.1569273721.js
staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/js/common.cmd-hsa-minified.1569273721.js?ver=6.3.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
cloudflare
age
4029781
etag
W/"5e39cc5c-100a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf0aceb3cd-MIA
alt-svc
h3=":443"; ma=86400
custom_ad.js
staradvertiser.wpenginepowered.com/wp-content/plugins/cmd-hsa-ad-tags/js/ 		1 KB
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/cmd-hsa-ad-tags/js/custom_ad.js?ver=6.3.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c3a51954dc9824b0abed0296f94f280f96a164ad5145d7506bd27540b398eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
3860475
etag
W/"5d893779-491"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1bf3b5eb3cd-MIA
alt-svc
h3=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js?ver=1.0.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f825b6751ffb4faf1398415718f9a8eed1b939077915fd4b57960539254fd10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29212
x-xss-protection
0
server
cafe
etag
724 / 19727 / m202312070101 / config-hash: 147569701560198365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:28:25 GMT
sa-logo-white-small.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/sa-logo-white-small.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0bc9a339b66ab78582f3d4e03c0de404fcfdb87d899a850fcf0ffeedc65d7e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
cf-cache-status
HIT
age
223224
cf-polished
origFmt=png, origSize=6620
content-disposition
inline; filename="sa-logo-white-small.webp"
alt-svc
h3=":443"; ma=86400
content-length
3506
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-19dc"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1bfbd5ab3cd-MIA
longs-drugs-logo-v2.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		546 B
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/longs-drugs-logo-v2.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0cf1fcf3f8e456902035d1649158993c3b0dc41a11dd33b05fec0efc675d4c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
cf-cache-status
HIT
age
1315589
cf-polished
origFmt=png, origSize=2324
content-disposition
inline; filename="longs-drugs-logo-v2.webp"
alt-svc
h3=":443"; ma=86400
content-length
546
cf-bgj
imgq:100,h2pri
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
cloudflare
etag
"60c805fa-914"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1bfbd61b3cd-MIA
sa-logo-large.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/sa-logo-large.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc8b4c79caae0787ac82aa05fd7bd0510206b2c1fb08aa16079292057741a5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
cf-cache-status
HIT
age
21680
cf-polished
origFmt=png, origSize=16470
content-disposition
inline; filename="sa-logo-large.webp"
alt-svc
h3=":443"; ma=86400
content-length
9142
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-4056"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1c00e29b3cd-MIA
mostly_cloudy.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/small-icons/ 		902 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/small-icons/mostly_cloudy.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace2938ce7f8b7941c57653daebac67bfd4e21f2014e5b8c62e1b190c55b1e9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
cf-cache-status
HIT
age
113026
cf-polished
origFmt=png, origSize=1228
content-disposition
inline; filename="mostly_cloudy.webp"
alt-svc
h3=":443"; ma=86400
content-length
902
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-4cc"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1c00e33b3cd-MIA
sa-appicon-round.png
sa-media.s3.us-east-1.amazonaws.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.us-east-1.amazonaws.com/images/sa-appicon-round.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.178.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cf3c71fbd3d13cd3d485e6bca01d03807c314bf44cb5732e80796bfcdb20961b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:25 GMT
x-amz-version-id
6uTAjl8ThuA4shqzAqw2tN9NfIbxRbV6
Last-Modified
Fri, 04 Nov 2022 02:02:05 GMT
Server
AmazonS3
x-amz-request-id
ZV82BR8EGDB9Y90X
ETag
"1a1789256390ce194d038e3c1fadf2f9"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
6839
x-amz-id-2
2TP113x9InG5fjXVrzZfhQcDNsYUHnrqCTOEZTd/ufjJg96Ijc38o5jJ85FHj7LQ2yyRlZiD05A=
web-push-bell.gif
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/web-push-bell.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1fc237470c723b46265bc0ed2f222b6f9d239f2dd7c6a89e5f1c4fadc04c91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
HIT
age
19706
cf-polished
origFmt=gif, origSize=2681
content-disposition
inline; filename="web-push-bell.webp"
alt-svc
h3=":443"; ma=86400
content-length
1202
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Jul 2020 20:14:11 GMT
server
cloudflare
etag
"5f120693-a79"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1c49fedb3c2-MIA
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.29.3-U/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=y3roexcY&cid=13479&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.3-U/embed.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.29.3-U/embed.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
3.162.125.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-78.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e59c70b8f27c2134f509e56e3a1ff96677c183a550bb8f6978c375952b9c1b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:15 GMT
x-amz-version-id
xqdo0_9_jJJy3IfRoxvG5tem66bP0u7U
content-encoding
br
last-modified
Thu, 21 Dec 2023 20:29:08 GMT
server
AmazonS3
via
1.1 7af6fcba5fc7d18afd4c6d456b52e886.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P3
etag
W/"619ab188798a2cb9e73963d2ee5ded22"
age
10
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
c_qQrG0KoErO0UcLy3O0sQsHM_AWcb3YUcgVTwc7BUh4FrpGQx4_VA==

Redirect headers

date
Fri, 05 Jan 2024 01:28:24 GMT
via
1.1 7af6fcba5fc7d18afd4c6d456b52e886.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD61-P3
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.29.3-U/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
4DeUoERCadzrZg9xXRle5zO2CIImILlJIM16vcWtAj-P1tSjxPo9UA==
MauiRelief-hsa-300x100.gif
sa-media.s3.us-east-1.amazonaws.com/sa_ads/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.us-east-1.amazonaws.com/sa_ads/MauiRelief-hsa-300x100.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.178.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d191df126d7910f3786c5448ee14ee53c8eac9324c0a14450270b13fb8286c7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:26 GMT
x-amz-version-id
RUgG5_u4diDoGd4M_szTyCzd.q30o5I1
Last-Modified
Fri, 18 Aug 2023 01:24:29 GMT
Server
AmazonS3
x-amz-request-id
JZ36HPS8JX786K09
ETag
"43c8ff802fda39445faa7bee18b755b5"
x-amz-server-side-encryption
AES256
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
11650
x-amz-id-2
aofXMQUa0/lIikY4ee+tpkw7h7zmniSELjcF8wBUaK5z4NBtHWr0ayQJU2usF1bZIP0yJWwz5fw=
origami-widget.js
origami.secure.ownlocal.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami-widget.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:14:46 GMT
content-encoding
gzip
age
819
x-guploader-uploadid
ABPtcPoH8R6TeqThw2Dl7-OQNmJJ9bte8QL4oD86mYqdSR6P5-1t_sh-RT7x3YA4bidoDXNnaLw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4808
last-modified
Wed, 21 Jun 2023 21:35:39 GMT
server
UploadServer
etag
"68dd5e82a21dad7c0e6886077c271392"
vary
Accept-Encoding
x-goog-generation
1687383339209545
x-goog-hash
crc32c=7EpObg==, md5=aN1egqIdrXwOaIYHfCcTkg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
4808
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 06 Jan 2024 01:14:46 GMT
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9A87) /
Resource Hash
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
gzip
content-md5
8ouzdXeMpGxUBMAUF/mhkg==
age
543225
x-cache
HIT
content-length
1002
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 18:25:29 GMT
server
ECAcc (mic/9A87)
etag
"0x8DB2194D3ACD75C+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
694bce2e-901e-00cf-6985-3a765f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
20231228_WEB_-12-31-1974-HSB-A1.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2023/12/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2023/12/20231228_WEB_-12-31-1974-HSB-A1.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0faa74cc0202a762b225d773263f5cc9a8adec46a708d0684e654871e4f428

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
HIT
age
615232
cf-polished
origSize=95749
alt-svc
h3=":443"; ma=86400
content-length
68214
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Dec 2023 22:29:13 GMT
server
cloudflare
etag
"658df6b9-17605"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1c49fefb3c2-MIA
SA-LocalBusinessGuide-RightRail.gif
sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/SA-LocalBusinessGuide-RightRail.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.72.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:26 GMT
x-amz-version-id
6IbaSWxCO7LzRPA4INzeWwcVLvh1Iht9
Last-Modified
Fri, 17 Jul 2020 01:10:19 GMT
Server
AmazonS3
x-amz-request-id
JZ3BY0G9BCKG3JPC
ETag
"4de67d2a7b83c7aa57c53c16e04f45fe"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
33694
x-amz-id-2
KIBGLXerGePd4+uqAYgDHyFtjJI1kXkkos+PwUNk/Ry97yZLeOXXOOVXDdXNYDhlEsU2NtoGmO0=
comment-reply.min.js
staradvertiser.wpenginepowered.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/js/comment-reply.min.js?ver=6.3.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
cloudflare
age
4213560
etag
W/"625095f6-ba5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1c37dc4b3c2-MIA
alt-svc
h3=":443"; ma=86400
functions.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/functions.js?ver=20200320
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Mar 2020 19:28:26 GMT
server
cloudflare
age
3839649
etag
W/"5e7a5f5a-10af"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1c47f94b3c2-MIA
alt-svc
h3=":443"; ma=86400
underscore.min.js
staradvertiser.wpenginepowered.com/wp-includes/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 15:18:25 GMT
server
cloudflare
age
1186865
etag
W/"63331441-4991"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1c49fddb3c2-MIA
alt-svc
h3=":443"; ma=86400
facets.min.js
staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/js/ 		399 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/js/facets.min.js?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
4038269
etag
W/"5d893779-18f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1c49fe0b3c2-MIA
alt-svc
h3=":443"; ma=86400
jquery.bxslider.min.v4.2.12.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/bxslider/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/bxslider/jquery.bxslider.min.v4.2.12.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
3838603
etag
W/"5d893779-5bf7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1c49fe1b3c2-MIA
alt-svc
h3=":443"; ma=86400
jquery.fitvids.v1.1.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/bxslider/plugins/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/bxslider/plugins/jquery.fitvids.v1.1.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
3838603
etag
W/"5d893779-d16"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1c49fe6b3c2-MIA
alt-svc
h3=":443"; ma=86400
popper.min.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/popper.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
1283285
etag
W/"5d893779-4af4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1c49fe8b3c2-MIA
alt-svc
h3=":443"; ma=86400
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
404618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11522
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-bf30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bHat37CFUUgiN%2FqQ0J4kDvMfXgFn7NyqXzgxmt5NF%2FPqEtbQK7AmevXqIGYoasjUsbYleGeGKPyWBMsBl98nagK0wZsWnNhDdxjX9WXZvYt157%2FI%2BmM5vvBeFbnnZGQNs43n6Axp6%2FNJdqsEhqje%2Foq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8407f1c54812daed-MIA
expires
Wed, 25 Dec 2024 01:28:25 GMT
prefixfree.min.js
cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4295514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2135
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-16f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMNkV3s48fRJXFKfAZgTPZWe5Tg4jbWifHOE032%2FynF25q4GTMGtMM68VU6C5%2BQJSDkQN%2Bhxd8u127BHUamxS5taCCPgqvQoaL0%2B2G3BudSLEI3MVuDvGFmhA0ZSoYAjpqMTMKwTpL3KXpCGEutAjDjv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8407f1c54810daed-MIA
expires
Wed, 25 Dec 2024 01:28:25 GMT
hawaiian-text.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		915 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/hawaiian-text.js?v3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
308294
etag
W/"5d893779-393"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1c49feab3c2-MIA
alt-svc
h3=":443"; ma=86400
custom-author.cmd-hsa-minified.1702929336.js
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/js/custom-author.cmd-hsa-minified.1702929336.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea396e5fee2844b8aedd5ec2180faa7536df06eb16301936dcf1d74e09e2d3e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2023 19:55:41 GMT
server
cloudflare
age
1488746
etag
W/"6580a3bd-2c40"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1c49febb3c2-MIA
alt-svc
h3=":443"; ma=86400
tag
a.teads.tv/page/57606/ 		793 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/57606/tag?v=1.1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
57acb0c4ea5a8ea31215572f4a0c492173c207252c3547447c9e833838df8460

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, no-store
access-control-allow-credentials
true
content-length
490
expires
0
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
9VKTNVPFV7W344D7
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
0wZeppYlnjKqRsx9T5yGA2OLeKEc6MNURztf3PB6sv7LZYZ3Lwx+FCSv336V4tvRlVCXNNzTImk=
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/client/impression/ 		0
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/client/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=130148&referer=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mp8mPIdWpZfOXGSc6IbqwJEo0eL7%2BtTVZDM0NlZXlDsQengllO4FpF5auatvz06bxHJUaZuPmFATm3%2BeEK9kAttO%2FJM8zqFCMuT0RfVZXzsNzOym4p%2B4SbqqaAHUYska6yZUx74gJcjJwQtxeNKX1pb7LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
8407f1c628e70979-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
F6dPPIWP4V1vAt4B7fuC
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wsl8gsu&ht=tk&f=139.140.175.176.28494.28496.28497.28498&a=84346937&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1418:a000:9::1728:6311 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:24 GMT
last-modified
Fri, 14 Jul 2023 12:49:52 GMT
server
nginx
etag
"64b14470-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gtm.js
www.googletagmanager.com/ 		207 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5VRMHDK
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
843a1c75709f7fa607e463b7002e0373ce37f1688eca6097096898925b371eb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73889
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Jan 2024 01:28:25 GMT
aam.js
aamcftag.aamsitecertifier.com/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aamcftag.aamsitecertifier.com/aam.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:5400:14:c3e7:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ef65f1d4b3ddf07c3960a578d532f8aecd6b9d551631b2611596fb652480a9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:12:57 GMT
content-encoding
gzip
via
1.1 3c324ded5bb9b770378ef373690c8a34.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 12:12:37 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
age
69346
etag
"866e5e2d2bbc029b03dd3a94440e09f2"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
27410
x-amz-cf-id
sXhanEBBkzHeS53wguZMz3extzfPb1Aj6b5NWcFICFMbR2FEXsrbHg==
x-amz-meta-s3b-last-modified
20221117T120833Z
loader.js
cdn.taboola.com/libtrc/oahu-staradvertiser/ 		869 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0310012cc35defdd3648d96e05531e8c9245afc27e6f2ecf90220a0607e0e4f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
G7PK.DEBJzo2hS._76tyka02A4oh20mW
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:25 GMT
x-amz-request-id
5ZJ228TQKSMYVR7R
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
61923
x-amz-id-2
ElfrAanepxp1qz7zX+VpkdFdcrJNX4Dryk9JfNn0sA/3SerzXzvknhjee3OQ4bm+OSC7eCvbCPc=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Thu, 04 Jan 2024 10:53:10 GMT
server
AmazonS3
x-timer
S1704418105.476672,VS0,VE52
etag
"e7594b67e0ce41c017c3a5255713360e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
73
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-29.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 07:35:49 GMT
content-encoding
gzip
via
1.1 39cace2136102a575c38c82525d3b770.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD12-P2
age
64357
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
mWjSAFQ7dseoFnHTXTrZcV5LgdrhlzfO1Vf-PmRIFfUKr0ye8aIlJw==
c13p8ejhds
www.clarity.ms/tag/ 		1017 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/c13p8ejhds
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a88988c02bda9c302903cfbf6371957550308ab5156d9ad2c5094ab9e0a85103

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
date
Fri, 05 Jan 2024 01:28:25 GMT
x-azure-ref
0OVuXZQAAAADjtQcXqqRRSY9FihOjijDiQk4xQUEyMDUxMDIwMDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
1017
expires
-1
v2mdeKVK3lHBPCgV9BqhEO8aM-8HzikkqGdO_eK8uJayw3hfoUG1qVQ8
knottyswing.com/ 		202 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://knottyswing.com/v2mdeKVK3lHBPCgV9BqhEO8aM-8HzikkqGdO_eK8uJayw3hfoUG1qVQ8
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ad23df533eb004fef51ed97db48ee9cd3dede93adc5cea4bba504c24cbff5242
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 05 Jan 2024 01:28:25 GMT
x-datacenter
gce-us-east1
etag
"73ab87ab91605e5fa95de444be0d3fd893e888b0bce0abb2eca84bcc42e01e6c"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-b72j
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2xbrfnnITHReQLZrpdmtTl_hk2h52eMsxeLaKgDpGDZInOGWMbtaBaXDYTDBkZsyTQfWXG36
scribblestring.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scribblestring.com/v2xbrfnnITHReQLZrpdmtTl_hk2h52eMsxeLaKgDpGDZInOGWMbtaBaXDYTDBkZsyTQfWXG36
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
259fbed24627d02f3a630cbb6ea1dfcfde2fde9373b82b9bc8fc4c288732ddc7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Fri, 05 Jan 2024 01:28:25 GMT
x-datacenter
gce-us-east1
etag
"ebca1fc74bd5aad9daba05be5d056b7eabe23dd4b83fd88b3caff19c6b00d3b3"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-b72j
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
44ae1bc9-39ac-40a1-9587-732e6779e89f.js
d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ 		424 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:f200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41984f07f46ceeff01f43f3a0bb98ef77c91fa21122c9b87fb4e5fa8d8d0e194

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 16:35:41 GMT
x-amz-version-id
Dsr5h2b6UusTPSpbx4UTtac4WbgsUxQH
content-encoding
br
via
1.1 15cde442051269a0307a638d23683c8c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C3
age
31965
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 29 Dec 2023 19:52:18 GMT
server
AmazonS3
etag
W/"1336e81045e454e7558ea065fbe7e47d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
pGbcm6QGCyUXFA75IdP3yJXcHJJ3P4E97LkSTFMR0rYU2V3kNoKWvQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
619d10e42eb4af4f148ec7cb585d5017a982e8ecd5a33b2cc55e0ecaa66efa02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29209
x-xss-protection
0
server
cafe
etag
189 / 19727 / 31080177 / config-hash: 147569701560198365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:28:25 GMT
44ae1bc9-39ac-40a1-9587-732e6779e89f-hb.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ 		136 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f-hb.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:f200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29cc4c6275e17d792d0a6a32f7bfd5efb85bf3a94005c57a25895a3211651532

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
ZbmnJFZPTrjiTUM4v6qN10gktH2occxP
content-encoding
br
via
1.1 15cde442051269a0307a638d23683c8c.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 01:28:09 GMT
x-amz-cf-pop
IAD79-C3
age
17
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 04 Jan 2024 07:08:23 GMT
server
AmazonS3
etag
W/"5cd606db13795ae7568a6660f9172f83"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
aBeYc9fKS7COZhpik8tAqMWZF_FpYZPO5VmlCzP84YHZBBkePV8gRg==
44ae1bc9-39ac-40a1-9587-732e6779e89f-dmp.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f-dmp.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:f200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cecb78b37d91ce43c90d5dfa9c5140d25e7c50c72d3ec7136bdd5d8c71d10fe6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
mNxdsNeSJKVuyF7M9qy1rw7Y2_haxuLu
content-encoding
br
via
1.1 15cde442051269a0307a638d23683c8c.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 01:28:09 GMT
x-amz-cf-pop
IAD79-C3
age
17
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 04 Jan 2024 07:08:23 GMT
server
AmazonS3
etag
W/"6672088723ad6c04bbd8d08b3ae765b9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
Njsp3iwSt0lFyMAxWojeV47PH0ulVJOz-CMPDTnh8zf67ebsjQ4c-Q==
/
geoip.instiengage.com/json/ 		239 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.92.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-92-32.compute-1.amazonaws.com
Software
/
Resource Hash
e1bb93212595f410e0d69a4f0a1142cf46152d21b8e7800a7d1ad099dd56eb37

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:25 GMT
access-control-allow-credentials
true
x-database-date
Thu, 04 Jan 2024 14:36:32 GMT
content-length
239
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame 4606 		75 B
494 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2009:7400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
99
cache-control
max-age=300
content-length
75
content-type
text/html
date
Fri, 05 Jan 2024 01:26:47 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Thu, 11 May 2023 11:38:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 7bab52277d6272f1dda6e20e26aba08e.cloudfront.net (CloudFront)
x-amz-cf-id
dw0oaKbxqpeVTsF_y-yuGWNdbk-bcsAWVZhWpeVj-cMs1JamNcNNzw==
x-amz-cf-pop
IAD66-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
sdvig1qk6AHuXLU2Lr6rxmxwpeBBF1C.
x-cache
Hit from cloudfront
polyfill.min.js
polyfill.io/v2/ 		103 B
192 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 01:28:25 GMT
age
1422934
detected-user-agent
Chrome/120.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
4b58349d-b718-4ca9-8801-98dbc57eb6a2
https://www.staradvertiser.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/4b58349d-b718-4ca9-8801-98dbc57eb6a2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
i.js
i.kissmetrics.io/ 		39 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.kissmetrics.io/i.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.55.99.106 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
date
Fri, 05 Jan 2024 01:28:25 GMT
cache-control
max-age=2592000
content-type
application/javascript,application/x-javascript
server
nginx
content-length
39
expires
Sun, 04 Feb 2024 01:28:25 GMT
1f177fde1be2a71ccc3da4ab0b377bb91e9a3801.2.js
scripts.kissmetrics.io/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.kissmetrics.io/1f177fde1be2a71ccc3da4ab0b377bb91e9a3801.2.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:e600:15:9da4:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 (Ubuntu) /
Resource Hash
224d1e91790c66709986efe276bba8880dfc374c86855cdeacb0ca52a8ef0f42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:27:56 GMT
via
1.1 46e2fa2a811f54853547788992d9aca0.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 15:18:00 GMT
server
nginx/1.22.0 (Ubuntu)
x-amz-cf-pop
IAD55-P3
age
29
x-amz-server-side-encryption
AES256
etag
"1797faa903cd0b95ea85a4bafac8ad71"
vary
Accept-Encoding
x-cache
Hit from cloudfront
p3p
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=60
x-amz-cf-id
G525TTkqV02Bau_yzlfog8SWXKtQotSXEaGYKJgS8YAqNUj2tJfaOg==
bg-ad-black.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		60 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/bg-ad-black.png
Requested by
Host: staradvertiser.wpenginepowered.com
URL: https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
52bb57fd18280102ff97c27797d2fd0d36dfcbb0ce9560c3d9b3a092045cc143

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.95
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
HIT
age
3692904
cf-polished
origFmt=png, origSize=1035
content-disposition
inline; filename="bg-ad-black.webp"
alt-svc
h3=":443"; ma=86400
content-length
60
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-40b"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1c5491eb3c2-MIA
bg-ad.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		56 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/bg-ad.png
Requested by
Host: staradvertiser.wpenginepowered.com
URL: https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5004c313c6c0e1e0b4c52d9f3bdd40243c6bd8e5fffc697a45320adc9c7a8a30

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.95
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
HIT
age
1316819
cf-polished
origFmt=png, origSize=15045
content-disposition
inline; filename="bg-ad.webp"
alt-svc
h3=":443"; ma=86400
content-length
56
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-3ac5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1c54920b3c2-MIA
l
use.typekit.net/af/65a133/00000000000000003b9adc1a/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/65a133/00000000000000003b9adc1a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1418:a000:9::1728:6309 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
acc3c4b04f19bc9067921dc3e4ce4f734521bb13b9d0c9943e8fa9585797114f

Request headers

Referer
https://use.typekit.net/wsl8gsu.css
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
server
nginx
etag
"d1273710b7f550512dbb2ff62d904ba6dde81f28"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34860
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
322358
alt-svc
h3=":443"; ma=86400
content-length
55144
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
server
cloudflare
etag
"2ac01f7650b5ab76bfebbc708928929e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uf8WASVSMEBNsydDZgY3AJ1IIVcufwnEF9SWOGgPAZvd8STxVrZ33AWwJYO1GKmITmLU58RPuF%2B4NWMyOP7%2FkETZwPKu0k%2FZWP6%2BPeCmBN2xQWF53RJ7T0cOxDhsSltPx2oElkfmGXSjWQk7byb3DzAa"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8407f1c54ac8dacd-MIA
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
406162
alt-svc
h3=":443"; ma=86400
content-length
44068
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
server
cloudflare
etag
"84f351b3972185aed620f78489e48b2d"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fy7SHQ4Oz3x7N5CxES9si1AxTfH%2BT8snUb0P2s0CWbHacxq1nCZl65mJTomTuHAjq0opl5w4NPSlN9FrQMPWCT04gzw%2BPI6AQy%2F3R%2BI8cay7cmvrttn%2F7MQLgHSJENftyEIb0PZm9mhanB%2B8kt1wqxxY"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8407f1c54acadacd-MIA
fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
584759
alt-svc
h3=":443"; ma=86400
content-length
12216
last-modified
Fri, 22 Sep 2023 01:44:06 GMT
server
cloudflare
etag
"12717b4a013de862452c4ffcf4e1c264"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qo39zaQRC312qdyMkRjyrwcQuUxrv7S6j4pK%2FptpdWL7ljhNu5sNshk19x9WUJbm9vlCS0wA1vSLrefa9k3ezZ1cyrGfCk5fTg5qA0sc51EOK5h00PgqLZPi591N%2Fy2LdtgP1Q0IDIRk%2BRtDdo%2FnXxW8"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8407f1c54acbdacd-MIA
web1_14550598-64a3a227c59e4664b65a42450334d97d.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2024/01/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2024/01/web1_14550598-64a3a227c59e4664b65a42450334d97d.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed615ef950e3225345588fb22a83966c8b754d506339f12172811cb4a0625d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 01:12:03 GMT
server
cloudflare
etag
"65975763-17ddc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1c63b44b3c2-MIA
alt-svc
h3=":443"; ma=86400
content-length
97756
web1_14550598-d421ba5122574953a95cb15dd7375f06.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2024/01/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2024/01/web1_14550598-d421ba5122574953a95cb15dd7375f06.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a126b49ae948fa14ec7c581557adcd44377f19138c3c15759a0cadf6d2ab55fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 01:12:02 GMT
server
cloudflare
etag
"65975762-158c0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1c63b47b3c2-MIA
alt-svc
h3=":443"; ma=86400
content-length
88256
web1_14550598-aa040bbe4f824bc3ba0862014332c4f5.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2024/01/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2024/01/web1_14550598-aa040bbe4f824bc3ba0862014332c4f5.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e3df2f51e6a24bfeb9dea74be4bc725febbbe204b6d142a962b8b20bfb18ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 01:12:01 GMT
server
cloudflare
etag
"65975761-13be0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1c63b48b3c2-MIA
alt-svc
h3=":443"; ma=86400
content-length
80864
authIframe.js
auth.instiengage.com/auth/ Frame 4606 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2009:7400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
.lK6ICx53soEeOpFisF5xs3WBNt5Sw79
content-encoding
gzip
via
1.1 7bab52277d6272f1dda6e20e26aba08e.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 01:26:44 GMT
last-modified
Thu, 11 May 2023 11:38:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C2
age
102
x-amz-server-side-encryption
AES256
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300
x-amz-cf-id
hCQg902Bdd6CCRFT4UUjGpyqmShzl0x1JSKxLKnvMAnkyPDHbyQtMg==
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.29.3-U/ 		683 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.162.125.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-78.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3772aa5d9ab06b270165da73427ec3653cdcf83388fa0f20b5ce0cac5f0dbc65

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:20 GMT
x-amz-version-id
WawtNCr7X3mmR0NRFC0WyhfCxQee5NhA
content-encoding
br
last-modified
Thu, 21 Dec 2023 20:29:09 GMT
server
AmazonS3
age
6
x-amz-cf-pop
IAD61-P3
etag
W/"6c5b9a53101042b63fcc9c7aaa2fd113"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
via
1.1 6123d2a57c9fa3d5613bea69a7290ae0.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
FzpU0fVlwYkJ5tWLIDBAgHMpHYZu9DWrYpg5I2Up45UigUMApfebXg==
hotdealshawaii
travel.payvibe.com/affiliate/ Frame 0EEE 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/affiliate/hotdealshawaii
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.27.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-27-167.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d0a169f5ea995a0448231d4c9a4cf1809bfa7089d6b6cfc8b085752bb6d968d0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
content-length
2608
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:26 GMT
server
Apache
email-signup-bg2.gif
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/email-signup-bg2.gif
Requested by
Host: staradvertiser.wpenginepowered.com
URL: https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa8ca82f682cc889fb3ef3e552efd4c0fbc3a09e44149463d4b1935417d8dcd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.95
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
HIT
age
224739
cf-polished
origFmt=gif, origSize=16728
content-disposition
inline; filename="email-signup-bg2.webp"
alt-svc
h3=":443"; ma=86400
content-length
14396
cf-bgj
imgq:100,h2pri
last-modified
Sat, 12 Oct 2019 02:20:59 GMT
server
cloudflare
etag
"5da1388b-4158"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1c868adb3c2-MIA
loader-sa.jpg
staradvertiser.wpenginepowered.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/loader-sa.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5042d199b823eca4b8faa8a4d086f59ab36b9c91967c3f2899319e1f737b4897

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
cf-cache-status
HIT
age
4107657
cf-polished
origSize=27832
alt-svc
h3=":443"; ma=86400
content-length
2024
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-6cb8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1c8b976b3c2-MIA
ml.br.js
js.matheranalytics.com/static/ltm/ma15446/988352900/2/
Redirect Chain
  • https://js.matheranalytics.com/s/ma15446/988352900/ml.js?cb=1644
  • https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
144 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b88007a74c504349058e7426f51eab20681dc27d871d34401cd08570e04df58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:48:47 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 20 May 2022 17:46:28 GMT
server
nginx
age
16779
etag
"22446afe5b2e160c4085229787c1a44a"
vary
Accept-Encoding
x-cache
HIT Sun, 18 Dec 2022 06:06:27 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42777

Redirect headers

date
Fri, 05 Jan 2024 01:28:25 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-served-by
4-gc-useast1-22ng1037
9865.jsx
cdn-p.cityspark.com/wid/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/wid/9865.jsx?b=1704418105717&on=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tLzIwMjQvMDEvMDQvYnJlYWtpbmctbmV3cy9tb3JlLXRoYW4tMjAtaW5qdXJlZC1hZnRlci1uZXcteW9yay1jaXR5LXN1YndheS10cmFpbi1kZXJhaWxzLw==&callback=jsonp9865
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9000::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8d50b0ae37a9951047e754c97506df6f352cec83e026aab981819d683194c001
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 03:28:25 GMT
date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
gzip
strict-transport-security
max-age=0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
tag
btloader.com/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=4879373895204864&upapi=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f6400ca4aaae3a8014a52cf355c75f31551c46c5915407ee00706072ff1649

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2024 01:11:18 GMT
server
cloudflare
age
839
etag
"ad558ddfd7623b1d1dc0fc09e19189d4"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8407f1c9ab0c2876-MIA
content-length
24779
client-v2.js
jxgdqbxdiycfimegq.ay.delivery/ 		92 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jxgdqbxdiycfimegq.ay.delivery/client-v2.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ae1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1752927363c1c6d6de58b58f7749fa525fd67c1e19b8357b57962d93b844566

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2024 01:17:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
655
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kS5lX2Atayg50K5e5xEe0v7lnOZ%2FbOKinqx9HuruGE1DBCyI283D0SKrTN%2Fvn9alwk5srGg4jw0PQMiAMo9t6TgGkVWJ44yw%2FzFe3yS82KeQkjvlW0ibimOcdT0fK2edxUNvSNIK1gQMsNABYhPNeCPj6eu2vEf9lVatXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cf-ray
8407f1c9ad09127f-MIA
alt-svc
h3=":443"; ma=86400
/
geoip.insticator.com/json/ 		239 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash
e1bb93212595f410e0d69a4f0a1142cf46152d21b8e7800a7d1ad099dd56eb37

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:25 GMT
access-control-allow-credentials
true
x-database-date
Thu, 04 Jan 2024 14:36:32 GMT
content-length
239
vary
Origin
content-type
application/json
config.js
cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		104 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f-hb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
167c22266b7091f63771b3d901bd83f1b1676cb23b413373a98414d98ca3a2e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2024 00:17:37 GMT
server
cloudflare
x-amz-request-id
GEATDVV1Z1W5RMB2
age
116
etag
W/"e760da2324a0b4b8f15ce1a2851dbade"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8407f1c9a8be744a-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SL6O1IJEBRhuVM43nXNKBlEZCl+Wc210kdWgF12UZm0xZysILJy8apIGm9NY895zVKjRfKj92Xc=
localstore.js
script.4dex.io/ 		483 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:26 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
670416
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWEHx6kpfe8bCcfiFILQG%2B%2BKFhPwzxP8bYKAIDs8quierksqGhTtC98bYaaWdUJm7G3rTjfIgcP7KSDhbQMRTr3KPJBjv9LCZGWUoa5kJt4R4lwbbmG11Gnfq06ZdQM3zPejjT0V8fvcjoaC"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8407f1ca3ab20306-MIA
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1845181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17086
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-f4a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUEdsvv6YkcE8xHXf%2BfSAujN8Uq0RE%2Bn73dms6fPLWqgcs9PCB%2F1%2Fdnf9%2FbllC%2BsJ41LSAhEtqSijEeXZo8VJtJAOWEelWKJ5Z4qiTcAvSSL2i%2B4WbC4TdCfdpKubexG5iz8cw49qKUxApIxwC%2BHadbA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8407f1c9fc750971-MIA
expires
Wed, 25 Dec 2024 01:28:25 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 13:54:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
41617
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138203
x-xss-protection
0
server
cafe
etag
14959461090202361603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 03 Jan 2025 13:54:48 GMT
/
reporting.powerad.ai/ 		2 B
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/ 		2 B
222 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/detect-aau?ch=2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.34.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-34-84.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by
Express
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/ 		2 B
223 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/detect-aau?ch=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.34.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-34-84.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by
Express
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
/
powerad.ai/pubPls/ 		48 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.34.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-34-84.compute-1.amazonaws.com
Software
/ Express
Resource Hash
012fe5f0973f4e2e709cec1d1b4acf8875d61b126ddf3082415ed78ad2ed6182

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:25 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"c0f2-JpiyqZEI+5tNGdblM4wBbG+S2o4"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
access-control-allow-headers
*
t
jadserve.postrelease.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ntv_mvi
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.141.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-141-199.compute-1.amazonaws.com
Software
nginx /
Resource Hash
54e8782d0999e75a516a20c789ed49900f306ab851e187e98d84b3ddf365840c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1138
expires
Mon, 1 Jan 1990 12:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		154 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222d621f846cc3d3%22%3A%229b40b2232f71a5893638%7C300x250%7Cgpid%3Dstaradvertiser.com-div-insticator-ad-1%2Cc%3Dd%2C%22%2C%2238672221fdde68%22%3A%228cec8c874ac937aad2b2%7C300x250%7Cgpid%3Dstaradvertiser.com-div-insticator-ad-2%2Cc%3Dd%2C%22%2C%22498368f90cafb8%22%3A%2230398ad54a9a05f1a915%7C250x250%2C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3Dstaradvertiser.com-div-insticator-ad-3%2Cc%3Dd%2C%22%2C%22588369f2ce47b4%22%3A%22bd23ed8a9c4fd706afba%7C728x90%2C468x60%7Cgpid%3Dstaradvertiser.com-div-insticator-ad-4%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&s=d2d47b8e-c2b2-442f-b385-dcfce1fa1864&pv=4bc5dd7f-3045-4a52-a504-583763608de9&vp=desktop&lib_name=prebid&lib_v=7.42.0&us=50&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%2C%22keywords%22%3A%22Nationalnews%22%2C%22publisher%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%220eda47e1-3a3f-4444-8ab9-a525f4133e8d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2295d1454d-e53e-46b3-b4de-3341491a2a03%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
52f851ba5cfc4de1d884667d5abde023f95108f18c1f000c1cef82b395e2bf0d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-180
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
140
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c7ec13fc2e24535f0d464cc1f9a5877e1fae73a5d0d5ccdc218db8e7a15a2f9

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Fri, 05 Jan 2024 01:28:26 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: div-insticator-ad-4
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8407f1ce3dbd3361-MIA
expires
0
bid
s.seedtag.com/c/hb/ 		79 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
8585a6589f528272969053f42be4f3c6d3a1e69b4447deb36b96386a21120798

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
openrtb
ex.ingage.tech/v1/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ac00adbac0203a417e559dfec8694c8b6c3d4c5ece330e6834f5daab6b83d4

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
cf-ray
8407f1cf0972db05-MIA
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		474 B
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1451:17::1460 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
5915864d6766c5bb770e9a163cbe3d3f38e334125532928c7814cc7009557d54

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:26 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
474
expires
0
c
prebid.a-mo.net/a/ 		1014 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ee22401aef67fb6ec777ab4bd863f43550ddec1fc5f9bef29f01934836ef889f

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
content-length
519
hb
ssc.33across.com/api/v1/ 		87 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cCEXk2Rtir6jLGaKkv7mNO
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
29f3a1c0cd4565b0277167096d361e171bcc442aefdc0d7475059067682abdbd

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=doHK72Rtir6ikDaKlId8sQ
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
29f3a1c0cd4565b0277167096d361e171bcc442aefdc0d7475059067682abdbd

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dNKo_iRtir6ikDaKlId8sQ
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
29f3a1c0cd4565b0277167096d361e171bcc442aefdc0d7475059067682abdbd

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=ap8uL8Rtmr6jLGaKkv7mNO
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
29f3a1c0cd4565b0277167096d361e171bcc442aefdc0d7475059067682abdbd

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.210.0.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-0-246.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
0000356872c103ec0f4b0d9aa1fa44be409307107e7204ef16856423fcc1a68e

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
cdb
bidder.criteo.com/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.42.0&cb=64132591487&lsavail=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:25 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
openrtb
adx2.adform.net/adx/ 		0
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
insticator-d.openx.net/w/1.0/ 		174 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=44dcce62-d63d-435f-85c3-c7b8b5402fe4%2C53f68bc1-ffb8-4d5b-bc76-9bde0138d6d0%2Cce58fcef-b20b-498a-8433-4f19f23c8442%2Cb89351e8-d015-4996-adac-06b25318b2fd&nocache=1704418106267&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=95d1454d-e53e-46b3-b4de-3341491a2a03&schain=1.0%2C1!insticator.com%2C0eda47e1-3a3f-4444-8ab9-a525f4133e8d%2C1%2C16cc47a787e7449%2C%2C&aus=300x250%7C300x250%7C250x250%2C320x50%2C320x100%2C336x280%2C300x250%7C728x90%2C468x60&divids=div-insticator-ad-1%2Cdiv-insticator-ad-2%2Cdiv-insticator-ad-3%2Cdiv-insticator-ad-4&aucs=staradvertiser.com-div-insticator-ad-1%2Cstaradvertiser.com-div-insticator-ad-2%2Cstaradvertiser.com-div-insticator-ad-3%2Cstaradvertiser.com-div-insticator-ad-4&auid=540835883%2C540835883%2C540835883%2C540835884
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d54f50939666738335f3019a76e6013715f287c9c93e41b1c890173c28c1fa26

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=282913
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7338a71358a9c650b15a48d064c090a105a43495bb07789698af3bfa84a1d0c

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYxFP1qS0W8tr72N6xzJnTCbo%2BxLnQ0Nz4lEOvcqxCKXt65v4VkYgQbd50dj38BtRyFP1kcDANUJeCH5XxddO1unblSUn0nSoiSNQQBTdEOWSYdViMJ3KcEuC%2FCigrcPhqnjrkys"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8407f1ce3ad1db09-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:26 GMT
an-x-request-uuid
81e8418a-9afa-4db5-a5b3-ec2dcdd9d29a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		810 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=159116&zone_id=762986%3B762988%3B916798%3B762986&size_id=15%3B15%3B15%3B2&alt_size_ids=%3B%3B14%2C16%2C43%2C117%3B1&rp_schain=1.0,1!insticator.com,0eda47e1-3a3f-4444-8ab9-a525f4133e8d,1,16cc47a787e7449,,&eid_pubcid.org=95d1454d-e53e-46b3-b4de-3341491a2a03%5E1&rf=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&kw=Nationalnews&tg_i.domain=staradvertiser.com&tg_i.page=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&tg_i.pbadslot=staradvertiser.com-div-insticator-ad-1%3Bstaradvertiser.com-div-insticator-ad-2%3Bstaradvertiser.com-div-insticator-ad-3%3Bstaradvertiser.com-div-insticator-ad-4&tk_flint=pbjs_lite_v7.42.0&x_source.tid=44dcce62-d63d-435f-85c3-c7b8b5402fe4%3B53f68bc1-ffb8-4d5b-bc76-9bde0138d6d0%3Bce58fcef-b20b-498a-8433-4f19f23c8442%3Bb89351e8-d015-4996-adac-06b25318b2fd&l_pb_bid_id=6744509d40969e4%3B682674d955be18%3B6933e5eea383375%3B70fb771bddcc4dd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=staradvertiser.com-div-insticator-ad-1%3Bstaradvertiser.com-div-insticator-ad-2%3Bstaradvertiser.com-div-insticator-ad-3%3Bstaradvertiser.com-div-insticator-ad-4&slots=4&rand=0.3315638342427214
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
999b32b8d358cace3e52cc84e999da2a60740c8df82fe2aa2b6f761477e94c60

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		24 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.42.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
bc8abf663e3c90d575232d827dee5eadb15cca7c6ed48e0e3a2eb2e3b86357e6

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 05 Jan 2024 01:28:26 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
hb-multi
hb.yellowblue.io/ 		105 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.20.191.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-191-184.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
bb2b09d3d1578d23ab316c001364d242e7353881c74f97436135499d0c354a7a

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
event
event.insticator.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:26 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
8407f1ce3ccd09a6-MIA
content-length
0
date
Fri, 05 Jan 2024 01:28:26 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Fri, 05 Jan 2024 01:28:26 GMT
vary
Origin
i
aamcf.aamsitecertifier.com/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aamcf.aamsitecertifier.com/i?stm=1704418106614&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&page=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=206&p=web&tz=Pacific%2FHonolulu&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=4a645a4a-e2a2-40dd-84af-e3385e4c9736&dtm=1704418106611&vp=1600x1200&ds=1600x4718&vid=1&sid=b0f4f64b-74ba-43db-b47d-c7f871a2b5a1&duid=72be1b73-d0fb-454c-bb3f-b00da783c660&fp=1743654612&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX1dfQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.235.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-235-164.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:27 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		259 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=staradvertiser.com&domain=staradvertiser.com&path=%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
525106e52fcb08749b678fbae2a2af23effe2a6a9f4d9ae23984e35fd11241ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
1
date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
401
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
188
x-served-by
cache-mia-kmia1760057-MIA
x-timer
S1704418107.740420,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Wed, 03 Jan 2024 01:21:45 GMT
css
fonts.googleapis.com/ Frame 0EEE 		717 B
466 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://travel.payvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:44:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 01:28:26 GMT
app.styles.css
travel.payvibe.com/public/assets/ Frame 0EEE 		484 KB
151 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/app.styles.css
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.27.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-27-167.compute-1.amazonaws.com
Software
Apache /
Resource Hash
df4ce8dacc898179c65f813e4b84c94a28cc5df0c6e5d681c80a742f93c60f74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2023 09:19:36 GMT
server
Apache
etag
"78eff-60d662e64344b-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-max-age
1000
cache-control
max-age=2592000, public
accept-ranges
bytes
polyfill.min.js
cdn.polyfill.io/v2/ Frame 0EEE 		103 B
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=default,Array.prototype.includes
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://travel.payvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 01:28:26 GMT
age
1422814
detected-user-agent
Chrome/120.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0EEE 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e33e4c5c9c5b8b2830989b944098cfed9a45345254139e0c6a2208ecb0bdd735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://travel.payvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29051
x-xss-protection
0
server
cafe
etag
615 / 19727 / m202312070101 / config-hash: 147569701560198365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:28:28 GMT
app.vendor.bundle.js
travel.payvibe.com/public/assets/ Frame 0EEE 		2 MB
616 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/app.vendor.bundle.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.27.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-27-167.compute-1.amazonaws.com
Software
Apache /
Resource Hash
db08d5493654d865ad6fadcdc456bb613e503a715a5c3d181a07f6552b0ef0de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2023 09:19:35 GMT
server
Apache
etag
"20df9b-60d662e515826-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
1000
cache-control
max-age=2592000, public
accept-ranges
bytes
app.bundle.js
travel.payvibe.com/public/assets/ Frame 0EEE 		3 MB
743 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/app.bundle.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.27.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-27-167.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0e0d12ae11167b74ebe560eea6980e71ad777027d257b04f228744631682b567

Request headers

accept-language
en-US,en;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2023 09:19:33 GMT
server
Apache
etag
"306df7-60d662e368cc0-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
1000
cache-control
max-age=2592000, public
accept-ranges
bytes
0.chunk.js
travel.payvibe.com/public/assets/ Frame 0EEE 		3 MB
524 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/0.chunk.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.27.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-27-167.compute-1.amazonaws.com
Software
Apache /
Resource Hash
92eea9cbfa384eb138b493d493dd6fb163bd77857210e16122d879e1e2bd1ef8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2023 09:19:16 GMT
server
Apache
etag
"2f5fa3-60d662d2f2ea2-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
1000
cache-control
max-age=2592000, public
accept-ranges
bytes
1.chunk.js
travel.payvibe.com/public/assets/ Frame 0EEE 		89 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/1.chunk.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.27.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-27-167.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d736fec3d1a498edce6b14b45338525830abcd0a102b488d453441ea949fecfb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2023 09:19:23 GMT
server
Apache
etag
"16298-60d662da1611d-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
1000
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
24482
2.chunk.js
travel.payvibe.com/public/assets/ Frame 0EEE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel.payvibe.com/public/assets/2.chunk.js
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.27.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-27-167.compute-1.amazonaws.com
Software
Apache /
Resource Hash
20e7d4a38c2b03c680af9481fd95f8f2f717b99f5cb91946bfa8326952854267

Request headers

accept-language
en-US,en;q=0.9
Referer
https://travel.payvibe.com/affiliate/hotdealshawaii
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2023 09:19:16 GMT
server
Apache
etag
"b0b-60d662d36a0e4-gzip"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
1000
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1315
api.js
www.google.com/recaptcha/ Frame 0EEE 		1 KB
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/affiliate/hotdealshawaii
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
948a6b59d56e61700382225607717c9ed6defacafbac5cf2bf57d083eca815ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://travel.payvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 05 Jan 2024 01:28:28 GMT
impl.20240104-7-RELEASE.js
cdn.taboola.com/libtrc/ 		833 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d48838c5cb12eedc7ddecf68684fdf8a6692818d80bbfb86437d7f4e2d0ad1c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
wgSKbKxiT2.bVgTpAIeE4skihedLcyMc
content-encoding
br
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:26 GMT
x-amz-request-id
RGWQ8261P4WNB8J3
age
23924
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
176440
x-amz-id-2
Uz5gnkTWL+LHO57rMDTTCg7OOYhWXUm6yX8rZrCMOwoB2mxeVpG2uL2Snc5abIIEAY1CxQPWpOU=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Thu, 04 Jan 2024 10:40:18 GMT
server
AmazonS3-br
x-timer
S1704418107.777818,VS0,VE0
etag
"5d1a26d82acd8ece5d0bca4d478ba6c9"
vary
Accept-Encoding
content-type
application/javascript
abp
71
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
52568
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/c13p8ejhds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 15:51:12 GMT
x-azure-ref-originshield
0wVqXZQAAAADqR7gbs7J4TYYHC3J0LxfuTU5aMjIxMDYwNjEyMDIxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DC0C73CFCC02AC"
x-azure-ref
0OluXZQAAAADCqa9kbYs3RIOsj90zj2DXQk4xQUEyMDUxMDIwMDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ce4f5ec9-d01e-0055-484e-3f3e50000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:3a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 17:35:20 GMT
content-encoding
gzip
via
1.1 341de8df4217bc427eae27ed066ab4ce.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:03:21 GMT
server
nginx
x-amz-cf-pop
IAD55-P2
age
28386
etag
W/"65838ed9-9630"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
X99iQlLZmLzSlY76VpzCGwGj-Izs8YrEzqpxCkQp13iujxsA1hVRWw==
expires
Fri, 05 Jan 2024 17:35:20 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-59.iad12.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:24:39 GMT
content-encoding
gzip
via
1.1 db8c74a249442b107d8358be4371339e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4
age
228
x-cache
Hit from cloudfront
content-length
1696
last-modified
Mon, 07 Aug 2023 11:07:01 GMT
server
Apache/2.4.54 (Debian)
etag
"1090-602533ee4ff40-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
w0_VxbmcdgqvmDjiHHUZ5nEqWSqMNtpLntfET108xX0Gch_XiE2F4g==
fi_client.js
ecdn.firstimpression.io/ 		349 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-40.iad55.r.cloudfront.net
Software
Apache/2.4.54 (Debian) / PHP/8.2.0
Resource Hash
186a485b57b618549bd7a5919dc7949b73692a773600e1597d916e4e2bec419f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 00:40:34 GMT
Content-Encoding
br
Via
1.1 96cac0ffcf3fb8fed4b2230b5bdeca6c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD55-P2
Age
2873
X-Powered-By
PHP/8.2.0
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
0
Last-Modified
Fri,05 Jan 2024 00:40:34 UTC
Server
Apache/2.4.54 (Debian)
ETag
W/"7ac5cbc75739e262762fb2c8780c41a5"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
X-Amz-Cf-Id
GdZJzUb26SvlllIcmRRX-VdX99s1O4X4zIoE9BekX_5kK_CPYqq4Qw==
Hc6PdfQeAi.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.4.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-4-96.compute-1.amazonaws.com
Software
/
Resource Hash
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2753
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137034616-28
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40ea2ec74feb42d83a4916f674242bb9bddef6bde49cf59ab665ffda78dc3331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69728
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Jan 2024 01:28:26 GMT
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-73ZHFY4ZMB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VRMHDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e4ce9b7c4c630dab207f35f61f28af9e646775aee2049558b311a0899de6fe0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93786
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Jan 2024 01:28:26 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VRMHDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 01:13:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
918
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 05 Jan 2024 03:13:09 GMT
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137034616-28&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-KLPLN2M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52d7f9e1cf49f5eaf48cd5883269a98b8893c43d0b7d855b888fff9a9bc591f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69720
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Jan 2024 01:28:26 GMT
251
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ref=
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6431127cdec75a96283b575168ecc20cf700b8c4a3ef40dfb4bb741a1a79d52

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 01:28:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8407f1d0ecf0228d-MIA
px.js
p.cpx.to/p/12967/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12967/px.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.207.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-207-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6eafcdcd5d2c0862016a2e2dabef538f9c1f8e44a24a89d56c6b5ac89212fa04

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
cache-control
public, max-age=2419200
content-length
4396
content-type
application/javascript; charset=UTF-8
teads-format.min.js
a.teads.tv/media/format/v3/ 		586 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1f1f4ee19ab75ef54a1a25c521696df2a643c719daa47b5b3c663be22e54b397

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
last-modified
Thu, 04 Jan 2024 17:15:55 GMT
x-amz-request-id
9T128A11Z7PCZHWJ
etag
"1ebd1fbf87c79a57c9a8c999f0a834e1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
7
accept-ranges
bytes
content-length
136624
x-amz-id-2
NgqenOFR7QePU29XfxXHswIHmlVeCvGXNEksjbzPpLFSrXM94gqxaBMC+Fdx03FmrYSJp+8+ejs=
expires
Fri, 05 Jan 2024 01:58:27 GMT
ats.js
ats.rlcdn.com/ 		110 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-6.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:54:18 GMT
x-amz-version-id
x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding
br
last-modified
Thu, 19 Oct 2023 08:25:12 GMT
server
AmazonS3
via
1.1 a2da30f5dacfbd28d77cf4c9702318f8.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
etag
W/"b248cc9d0fdeb36bdeb7efabad1132ee"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
59650
x-amz-cf-id
xcB8wUhdzpUVbjCcqj9-9Ez3_0O8nkRwj9u68Fj11h1uXsXXfmmNlw==
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
878
age
3163437
cdn-cachedat
09/04/2022 07:20:45
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"450fc463b8b1a349df717056fbb3e078"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9b06d93d607cff4a6b485d68bf88a0d2
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8407f1d17a834bff-MIA
cdn-requestpullsuccess
True
sa-style-2018.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/ 		68 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.95
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
95133d31389701ca9c8f34810522a3129d3d54a131c0c47b4cb9d3d804e709e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 21:13:53 GMT
server
cloudflare
age
4715508
etag
W/"6529b311-11135"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1d18b2edb2d-MIA
alt-svc
h3=":443"; ma=86400
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1418:a000:9::1728:6309 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e21905907ebc8b9e9b699bf737d869dbeee6d57395af684dfd471bdc85711a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 05 Jan 2024 01:28:27 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
584805
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOaDWXifcdGxuL0COMbfl8vqtjo4RwUsq8culKsU3RgKjs9WFpaVRghvdqbNINrW5yTAM73GHv1aGmIgq5sEATBG2oQ%2BUTaxN5s5BGlLHuffR6pI6Oy5oTQ5Hd323rROoV6BS2AJ41NGTtUXf%2FUmvcof"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8407f1d18900dacd-MIA
alt-svc
h3=":443"; ma=86400
sa-jwplayer.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/ 		2 KB
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
1854326
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1d18b2fdb2d-MIA
alt-svc
h3=":443"; ma=86400
common.cmd-hsa-minified.1569273721.css
staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/css/ 		502 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=6.3.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
cloudflare
age
4241621
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1d18b3edb2d-MIA
alt-svc
h3=":443"; ma=86400
style.min.css
staradvertiser.wpenginepowered.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce57bbe0c9c5f3a01c6c4e9c7a1e83f7703df9578a55ac9ab19b72ebc1fc61ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jul 2023 11:13:55 GMT
server
cloudflare
age
3254858
etag
W/"64b7c573-19824"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1d18b3fdb2d-MIA
alt-svc
h3=":443"; ma=86400
vfb-style.min.css
staradvertiser.wpenginepowered.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
cloudflare
age
3246706
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1d19b4ddb2d-MIA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		17 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5df95beb48c2a9328ce73efa2da922f8449cb281d7b22c46b2632d1f2ec96361
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:47:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 01:28:27 GMT
genericons.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
3066785
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1d19b55db2d-MIA
alt-svc
h3=":443"; ma=86400
style.css
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
3074389
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1d19b56db2d-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
facets.min.css
staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
4719150
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1d19b57db2d-MIA
alt-svc
h3=":443"; ma=86400
e
trk.kissmetrics.io/ 		43 B
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trk.kissmetrics.io/e
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.60.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
content-length
43
expires
Fri, 05 Jan 2024 01:28:26 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035032&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704418106655&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=5&...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704418106655&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=5...
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704418106655&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=5&cs_cmp_rt=557&c7=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&c8=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&c9=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
108.138.85.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-29.iad12.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
via
1.1 39cace2136102a575c38c82525d3b770.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD12-P2
x-amz-cf-id
ZI_6i9qehEFN4WGzwe6fXgiiwQnrxhFB-TzP-dyaB9lBbhzz4o257A==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 05 Jan 2024 01:28:27 GMT
via
1.1 39cace2136102a575c38c82525d3b770.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6035032&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704418106655&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=5&cs_cmp_rt=557&c7=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&c8=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&c9=
content-length
0
x-amz-cf-id
P8PY-aRkwUMtzCC8Wbh5G1iYqnNO5bZ8Jx0RtjrC8B4xmCt9mDoRcw==
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Fri, 05 Jan 2024 01:28:27 GMT
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Fri, 05 Jan 2024 01:28:27 GMT
vary
Origin
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=jzvgq&adnum=260904
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:43 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
2102325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
6k9Bz06l4JUoIx_-4KjZ2ziNG-_U3-Kpkz5Mr--eCdH_RWib5mrqtQ==
wp-emoji-release.min.js
www.staradvertiser.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
nginx
etag
W/"63db0985-4904"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
event
event.insticator.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:27 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:27 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame D13A 		250 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:26:15 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=61279
accept-ranges
bytes
content-length
77836
expires
Fri, 05 Jan 2024 18:29:46 GMT
pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame E6AF 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
77c2b24b644af6c58f913c61be5030ffd50b29c7ec6ff61cb287d45b418e0c7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 12 Dec 2023 11:43:06 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6578474a-c5a4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 12 Jan 2024 01:28:27 GMT
active_orders
origami.secure.ownlocal.com/api/ 		657 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=11d8bf01-4a0d-42f1-9c82-39f1b7726234
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
f3b00547ca3ae94fd6614c6d99d06296211abbe1bb5d2b7d7ef64500a3e50978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 00:56:09 GMT
x-permitted-cross-domain-policies
none
age
1938
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
657
x-xss-protection
1; mode=block
x-request-id
e1c2865d-827c-40e3-82e2-10f434dac7cf
x-runtime
0.021469
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
etag
W/"f3b00547ca3ae94fd6614c6d99d06296"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=3600, public
content-type
application/json; charset=utf-8
vary
Origin
active_orders
origami.secure.ownlocal.com/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=c46cf15d-1622-4157-8f3f-18b9a61946de
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
a578f223cff6aee61125a1fea42d6c578f280677ac95b6c7cee4079db9dcd6ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 01:16:08 GMT
x-permitted-cross-domain-policies
none
age
739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3233
x-xss-protection
1; mode=block
x-request-id
167baad4-c70b-40f1-89b2-f6fb29a6479e
x-runtime
0.030064
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
etag
W/"a578f223cff6aee61125a1fea42d6c57"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=3600, public
content-type
application/json; charset=utf-8
vary
Origin
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 		2 KB
978 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3073501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQE9maqS%2BBivqUNrFU7J0I6wbNxFH2PTv9uaKdaH5V3ZS2YXPArAj8c0CKR0zEJTTBpm%2FowRlIE%2B78P7329FtvT7aRukTMgAi83xWJjflj9VLTZlmDJZ5f2vJDCutrkJoWAGjjwR0p5vgABm%2BUAmofrp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8407f1d37941daed-MIA
expires
Wed, 25 Dec 2024 01:28:27 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb3c46ed60a76437770bf6aea538cf396e15b40793ed2dd1be113d4d125b25c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80851
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Jan 2024 01:28:27 GMT
one.js
cdn-p.cityspark.com/cdn/OneCol/ 		139 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/cdn/OneCol/one.js?v=8
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9000::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e5ae33e21ae28a09562a1f83306aa093ea1b08266839edf50a3a5ca3520476cf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 03:28:27 GMT
date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
gzip
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b72224a"
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 05 Jan 2024 01:28:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1267460
x-guploader-uploadid
ABPtcPorNdL5MMx-VHbKr9r75G0lqHKdpKjshxx0SDMLi2JrV_dyiLANTY_Z0Z_xrYOoXLnzQLo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGu2TX8LfvDXziKLtXLORRZbnl%2F7YBeMo1i1pcmTx5Q4U8eAl9G3NCMX25P6%2F%2B2nC0Pc1qELTsyd6i40jqGVYmw43U5GyptYFOcCJFbHIyWJZVPSWZy4LzoClwijZMZjUF5B4kv2pSVnYy65%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8407f1d469b67476-MIA
expires
Thu, 21 Dec 2023 10:09:41 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f149.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3913
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 00:23:14 GMT
px.gif
ad-delivery.net/ 		43 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.29357483103498816
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1267460
x-guploader-uploadid
ABPtcPorNdL5MMx-VHbKr9r75G0lqHKdpKjshxx0SDMLi2JrV_dyiLANTY_Z0Z_xrYOoXLnzQLo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjuPQ%2BCX6c5t0i3QA99%2FqKd0LrF8zS7qDXTUHyrz3dlTLTKdNwhCOyAMxTJlpyRQWnTVd3BAbqykb%2BHIuQekD%2FBkaf0pU8BEAKwNuINlegfpLWm7f73DdHazEEAuUngu7k1euQMTxJl%2Bg2rYRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8407f1d469b87476-MIA
expires
Thu, 21 Dec 2023 10:09:41 GMT
forest.min.js
jxgdqbxdiycfimegq.ay.delivery/forest/JXGDQbXdiYcFimEgq/js/bid/ 		177 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jxgdqbxdiycfimegq.ay.delivery/forest/JXGDQbXdiYcFimEgq/js/bid/forest.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ae1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af9cfee2e190bae079465e3c199d4cdb75f83ca0fe955b9b48f9bcc31485262

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2024 00:33:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
608
etag
W/"65974e4a-2c44e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FI9WLS8fOBnNpzTR4JesvoNKs2KiNeKO6i%2BF1%2FqHeHkzWK9G%2FjrRBw41JVXwxScQDkSVgrSmapEeAQEWANzuMHdaEN3chH6QFi9imB%2FnDjuwlRHaPF1dCug7%2Bdjqsh0R8FXQ6N%2BIbUVR50o2QXluzjPVDXUZyooEshr57g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8407f1d3ffaa127f-MIA
alt-svc
h3=":443"; ma=86400
ivt.min.js
jxgdqbxdiycfimegq.ay.delivery/ivt/JXGDQbXdiYcFimEgq/ 		87 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jxgdqbxdiycfimegq.ay.delivery/ivt/JXGDQbXdiYcFimEgq/ivt.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ae1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41be2ded3a417eb7f67cddf3cd1e3fd49c1929c4152d3909f8f09318a6204005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
172
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 15:12:11 GMT
server
cloudflare
etag
W/"6501d14b-15c32"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbE5S67E%2Frew9L40Oh82%2B7GvfcUoktGJbApNcAPM89xqm7gw2yzE67rGEXX2L4pgQCcF%2Fg%2BB5oYPM7jb4S35b%2F2WARBgz36sfOn7zUPVVgEmRrfUGndKakf41Gvhbt421WTz9L%2FNPzu1SPvgXV4ASvCcvd3gTI5E4GOHwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, max-age=0
cf-ray
8407f1d40fb9127f-MIA
fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-regular-400.woff2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
584761
alt-svc
h3=":443"; ma=86400
content-length
12216
last-modified
Fri, 22 Sep 2023 01:44:06 GMT
server
cloudflare
etag
"12717b4a013de862452c4ffcf4e1c264"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSQhFkEjqSS9waTewA3tk3nWhBBiqnNqQIG13v8ZhFMQA9VgplvU%2B6EysO8XZm7TwRpY0B0pLNWUUY3o8ON%2FgBaw8rub81fAIPEbjDPEGz1cILesWA4itSAm8ZOwVeIvbbHMt9SQHMJgJqEX%2Bzfjttmd"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8407f1d42dd9dacd-MIA
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-brands-400.woff2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
322360
alt-svc
h3=":443"; ma=86400
content-length
55144
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
server
cloudflare
etag
"2ac01f7650b5ab76bfebbc708928929e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feV6QV537dZZzjS8jd%2BxTwtjoV%2BhnWnoP4l1KqB7kEaNFI3y5NON360C34%2F6GctXehjrXNi%2BbfXyfD5QcgJEJx2rTejZEsM6bU6jI5Woom7Wjyxuwprh1%2FCgTuonpV%2BjAGr4rAfw6AfLblQySQxW9VWl"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8407f1d42ddbdacd-MIA
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
406164
alt-svc
h3=":443"; ma=86400
content-length
44068
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
server
cloudflare
etag
"84f351b3972185aed620f78489e48b2d"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptOmbugFCtrYk%2B9zlVbH4uUiu942lxoAHOeRoE1MhFugcnC1sUJQf3YweU5AOMk2ffNsK9W%2FWIm5KVHNbFo3DdO6HXYfTVeAm2RbkBO4CEn7u58G1YjOZrQ%2FLUEYUxVl7SzZ1cd7DLMavsHTvbA%2BQb%2Bc"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8407f1d42ddddacd-MIA
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
XKPEPF6N1MX3JWKQ
age
4298772
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8407f1d44dbd744a-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qVD9XzhmfL9ScpfGJ/ki1kWFqj71E/FpT7Q6ItYZhNwmzdrMh0EocNzm271sP9rZzSsA/u6IhuU=
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:27 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
393486
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Had41NQVorKZi3EQUI2LERAkSxmlLiff6ouS9B01rPd%2F2bWubCYvaYR%2FZDckxdpz2MbhKeP64WGQtv%2BvdtpvORngpMHxsPgIrHe6GyUvCwuEwXa2MMfKjIDNbIQn9jrnUPtwkRXBv0rwWl5X"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8407f1d4a900db0d-MIA
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2454078064861757&correlator=3786008444751327&eid=31077976%2C31080198%2C31079723&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&gdpr=0&iu_parts=22692889424%2CHawaii%2CHSA%2CINT%2CEar%2CSliding%2CLeaderboard%2CBox&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F7&prev_iu_szs=1x1%2C300x100%7C320x50%7C320x100%2C300x100%7C320x50%7C320x100%2C1x1%2C970x90%7C728x90%2C300x250%7C336x280%2C300x250%7C336x280&ifi=1&didk=1901589873~3686445127~653053223~3244788319~2241350047~4165274787~4165274784&sfv=1-0-40&ists=64&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704418107652&lmt=1704418107&adxs=0%2C144%2C1156%2C0%2C315%2C1024%2C215&adys=0%2C142%2C142%2C113%2C298%2C389%2C719&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vis=1&psz=0x-1%7C337x97%7C337x97%7C1600x4717%7C1350x64%7C330x280%7C300x0&msz=0x-1%7C307x0%7C305x0%7C1600x24%7C1318x24%7C330x-1%7C300x0&fws=512%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=495654607.1704418108&ga_sid=1704418108&ga_hid=66608816&ga_fc=false&dlt=1704418103961&idt=3595&prev_scp=refresh%3Dtrue%7Crefresh%3Dtrue%26position%3Dleft%7Crefresh%3Dtrue%26position%3Dright%7Crefresh%3Dtrue%7Crefresh%3Dtrue%26position%3D1%7Crefresh%3Dtrue%26position%3D1%7Crefresh%3Dtrue%26position%3D2&cust_params=pagetype%3Dnational-news%252Ctop-news%252Cros%26hi_site%3DHSA%26site%3Dstaradvertiser.com&adks=1191723655%2C3474858910%2C438238437%2C4190192221%2C614944131%2C1220465656%2C1220465657&frm=20
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f64e1ab61580ccb1dff143032a644c2a8f8a33211e98d7f2d62d7808d7f9b64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13284
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,6201357749,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,138419581895,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		650 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2454078064861757&correlator=1386169803597397&eid=31077976%2C31080198%2C31079723&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&gdpr=0&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=8&didk=570410235&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704418107667&lmt=1704418107&adxs=1024&adys=2192&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=495654607.1704418108&ga_sid=1704418108&ga_hid=66608816&ga_fc=false&dlt=1704418103961&idt=3595&prev_scp=aid%3D59926a4a-4276-422a-a84e-360250845f9b%26ib%3Dnofill%26iaid%3Dnofill%26iba%3D0%26at%3D1%26h%3D1%26tg%3D2%26shb%3D0%26it%3Dil&cust_params=pagetype%3Dnational-news%252Ctop-news%252Cros%26hi_site%3DHSA%26site%3Dstaradvertiser.com&adks=2376897148&frm=20
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
183662677878802d158b91b359272e3410fb6afc87d421da6c237057057e741b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		650 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2454078064861757&correlator=915883887045179&eid=31077976%2C31080198%2C31079723&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&gdpr=0&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=9&didk=570410234&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704418107673&lmt=1704418107&adxs=1024&adys=2472&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=495654607.1704418108&ga_sid=1704418108&ga_hid=66608816&ga_fc=false&dlt=1704418103961&idt=3595&prev_scp=aid%3D59926a4a-4276-422a-a84e-360250845f9b%26ib%3Dnofill%26iaid%3Dnofill%26iba%3D0%26at%3D1%26h%3D1%26tg%3D2%26shb%3D0%26it%3Dil&cust_params=pagetype%3Dnational-news%252Ctop-news%252Cros%26hi_site%3DHSA%26site%3Dstaradvertiser.com&adks=660054608&frm=20
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d8f1f9b8e65f9d96fbe68835609295fc6085dd3b1b5e05e7e45e8a6f731a940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
280
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		656 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2454078064861757&correlator=2670070532687328&eid=31077976%2C31080198%2C31079723&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&gdpr=0&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250&fluid=height&ifi=10&didk=570410213&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704418107680&lmt=1704418107&adxs=1042&adys=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vis=1&psz=300x-1&msz=336x-1&fws=512&ohw=0&ga_vid=495654607.1704418108&ga_sid=1704418108&ga_hid=66608816&ga_fc=false&dlt=1704418103961&idt=3595&prev_scp=aid%3D59926a4a-4276-422a-a84e-360250845f9b%26ib%3Dnofill%26iaid%3Dnofill%26iba%3D0%26at%3D1%26h%3D1%26tg%3D2%26shb%3D0%26it%3Dil&cust_params=pagetype%3Dnational-news%252Ctop-news%252Cros%26hi_site%3DHSA%26site%3Dstaradvertiser.com&adks=2943078178&frm=20
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
743a9ad8ed176558e1c2eb44768c983b60475c8c8c72ec579c33c1c8226258ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
287
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		648 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2454078064861757&correlator=1149493711195984&eid=31077976%2C31080198%2C31079723&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&gdpr=0&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60%7C320x50&fluid=height&ifi=11&didk=570410212&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704418107685&lmt=1704418107&adxs=436&adys=4554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vis=1&psz=728x-1&msz=728x-1&fws=0&ohw=0&ga_vid=495654607.1704418108&ga_sid=1704418108&ga_hid=66608816&ga_fc=false&dlt=1704418103961&idt=3595&prev_scp=aid%3D59926a4a-4276-422a-a84e-360250845f9b%26ib%3Dnofill%26iaid%3Dnofill%26iba%3D0%26at%3D1%26h%3D1%26tg%3D2%26shb%3D0%26it%3Dil&cust_params=pagetype%3Dnational-news%252Ctop-news%252Cros%26hi_site%3DHSA%26site%3Dstaradvertiser.com&adks=2259248053&frm=20
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
436e1be47b9c01206bccfa763d96419e0eb284f82640338d833fd403224f3986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
280
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8CC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:27 GMT
expires
Sat, 04 Jan 2025 01:28:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wsl8gsu&ht=tk&f=139.140.175.176.28494.28496.28497.28498&a=84346937&app=typekit&e=css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1418:a000:9::1728:6311 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
last-modified
Fri, 14 Jul 2023 12:49:52 GMT
server
nginx
etag
"64b14470-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
l
use.typekit.net/af/65a133/00000000000000003b9adc1a/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/65a133/00000000000000003b9adc1a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1418:a000:9::1728:6309 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
acc3c4b04f19bc9067921dc3e4ce4f734521bb13b9d0c9943e8fa9585797114f

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
server
nginx
etag
"d1273710b7f550512dbb2ff62d904ba6dde81f28"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34860
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2024 01:22:42 GMT
server
cloudflare
age
204
etag
W/"761713-856b-60e28af4116c3"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
8407f1d66c8d8bff-MIA
expires
Fri, 05 Jan 2024 05:28:27 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:45:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 01:28:27 GMT
icon
fonts.googleapis.com/ 		569 B
366 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 01:28:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 01:28:27 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3163981
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzl6mGW9V8f37D9RVi9ofZvjjcHU7P85Bx2DLiH1KPCSFpMHiKAAhei0GBMMGGmHdwjPe7KUw%2BgsJkCg85zVtvVREEKqhJlbMqJ5RXyHFvJLHp17JbOIcWGoCyJJ4egRJmm7gVmBUcPweEdz5hMLv9w3"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8407f1d66e8f9ae5-MIA
expires
Wed, 25 Dec 2024 01:28:27 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 2894 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2992703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1waLdD%2FY1onNw%2B266WanJD2z%2BQ3277v5oR9HBMvoimuc%2F9HYpG79GG3QeWguOhUnQmkV5CSmBVJHGrKRDvVlrcX%2FdYthuMynz82O4X4ghiJsQqIMx1cV%2FCG43Sf7ug6Xuf6vNXK0eRAIqWfPE8UBEmle"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8407f1d66ea59ae5-MIA
expires
Wed, 25 Dec 2024 01:28:27 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Fri, 05 Jan 2024 01:28:28 GMT
prebid.js
embed.sendtonews.com/library/prebid/8.6.0/ Frame 2894 		443 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.162.125.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-78.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
i3B_jjvrdw.lF4dn27SHtSate1_g8CWu
content-encoding
gzip
via
1.1 6123d2a57c9fa3d5613bea69a7290ae0.cloudfront.net (CloudFront)
date
Thu, 04 Jan 2024 13:38:43 GMT
last-modified
Wed, 29 Nov 2023 21:48:59 GMT
server
AmazonS3
age
42585
x-amz-cf-pop
IAD61-P3
etag
W/"4b9ce2a8c4f2b111ada55ff0f82ba870"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
VR7_calRQoNZiRU2oS0vl9POQS-lR2qPAPtNHmqHDVcGOA5EClEbnw==
ppid.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ppid.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:46 GMT
server
cloudflare
age
105784
etag
W/"65833eca-2947"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8407f1d6de724982-MIA
expires
Mon, 08 Jan 2024 01:28:27 GMT
comScore.gt.min.js
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame 2894 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.162.125.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-78.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding
gzip
via
1.1 6123d2a57c9fa3d5613bea69a7290ae0.cloudfront.net (CloudFront)
date
Thu, 04 Jan 2024 20:28:43 GMT
last-modified
Thu, 13 Apr 2023 16:36:13 GMT
server
AmazonS3
age
17985
x-amz-cf-pop
IAD61-P3
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
G52-gSX259vb1hHJ3p4yIxKhmCrNj3SdS3YcgJm4Wx5LISEpokH9sA==
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:58:33 GMT
via
1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
77396
etag
"cb93bb50e5d021cc38de445a672c18a2"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
wI1_7ewb52mcBT5boHqaw1nk7p8_4OBt2SNvN7Q563wDnNWokwY7FQ==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:58:33 GMT
via
1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
77396
etag
"311cf2edc46e82f2a6911332b7db54e1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
Vq03gXqq6CXJdwwivC0Ny8st0d1jD-z1Sm_T6muWwZsJRig5JLJRBg==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:29:52 GMT
via
1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
79117
etag
"8be584e844dabfe22970a0cb943c047e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
gUwQ0kAlk7KvA41N1qM7Z-tqzljGfC6AHIZYpnQHEYX999ufhKtzsg==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 04:00:45 GMT
via
1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
77264
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
8x6st49_EzI_yKIwSj4D3We_hKVSgl-BuzXaSfihmjI0ZasiKuSd_g==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2894 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:08:15 GMT
content-encoding
gzip
via
1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront), 1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD89-C1
age
1214
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
y2XyZ3MpQ3NiLqJ5ZRTIe391YhEuCFXoMGdm_uaXKj6pWdphxHVaNQ==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=055123&version=7.29.3-U&age=240105&cmd=PRE_INIT&key=y3roexcY&seq=1&order=1&vIndex=0&absoluteTime=4357.4&relativeTime=0.3&canonical=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&EXTREF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&REF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&serverHost=embed.sendtonews.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		40 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=YAMFxqR3qCYbUd0e&instance=055123&version=7.29.3-U&age=240105&ESG_key=y3roexcY&type=FULL&EXTREF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&REF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&ogSet=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.162.125.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-78.iad61.r.cloudfront.net
Software
Apache /
Resource Hash
d5584c3f1652b98a9c22ebdb8c659173665a581ff3482b3b0d78fa5879542b54

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
content-encoding
gzip
via
1.1 6123d2a57c9fa3d5613bea69a7290ae0.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
content-length
7756
x-amz-cf-id
yPQs3dOd-utC5StoC6qlfdbszRQHS4WQv81qJe5aZxiAp_Kp0A5ITQ==
expires
Fri, 05 Jan 2024 01:28:28 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&artid=1300053&artpubt=1704416940&artupt=1704416940&auth=Associated%20Press&hier=Top%20News&ptype=Article&sec=Top%20News&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&tid=763a5f70-442a-44bb-ae9f-933756db658b&pid=aa0ee584-5894-413a-b029-99e46ffd74d9&dtm=1704418107938&qnm=_matherq&visible=1&tabid=9b460c08-7e4c-4a25-b3d6-c10ee41ad073&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vp=1600x1200&ds=1600x4744&tofa=1704418108&vid=1&lvidt=1704418108&duid=d68fc899d8562c3c&fp=742780693&cid=ma15446&mrk=988352900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwNDQxODEwMzU1MiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMS4ybWIiLCJoZWFwVCI6IjM3LjNtYiIsImZzdFBhaW50IjoiMTc5OSIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMTMiLCJkb21haW5FIjoiMTMiLCJjb25uUyI6IjEzIiwiY29ubkUiOiIyNjMiLCJzc2xTIjoiOTEiLCJyZXF1UyI6IjMwOCIsInJlc3BTIjoiNDA1IiwicmVzcEUiOiI1MjkiLCJkb21Mb2FkIjoiNDA5IiwiZG9tSW50ZXIiOiIzNzg1IiwiZG9tTG9hZFMiOiIzNzk1IiwiZG9tTG9hZEUiOiIzODU3In0sImtleXdvcmRzIjpbIk5hdGlvbmFsIiwibmV3cyJdfQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.22.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-22-220.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 05 Jan 2024 01:28:28 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
de0034d2770e6ed0f0ed0977cd9448c0580d0817a6d13002c2b75da4c915ae63
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 05 Jan 2024 01:28:28 GMT
newsletter-signup.js
www.staradvertiser.com/resources/newsletter/ 		2 KB
965 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/resources/newsletter/newsletter-signup.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
br
last-modified
Sat, 12 Oct 2019 01:57:07 GMT
server
nginx
etag
W/"5da132f3-7ed"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
newsletter-signup.js
www.staradvertiser.com/resources/newsletter/ 		2 KB
965 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/resources/newsletter/newsletter-signup.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
br
last-modified
Sat, 12 Oct 2019 01:57:07 GMT
server
nginx
etag
W/"5da132f3-7ed"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
SA-newsletter-icon.png
sa-media.s3.us-east-1.amazonaws.com/images/redesign/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.us-east-1.amazonaws.com/images/redesign/SA-newsletter-icon.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.178.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c851e58c318492d4f404559ad6cb21dd7e93595cf9273ec1bec1f85a0baa7ccb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:29 GMT
x-amz-version-id
ZFEHAtdHgcu2tx3Ki4ODLeeyKgBHff3S
Last-Modified
Tue, 29 Nov 2022 20:10:24 GMT
Server
AmazonS3
x-amz-request-id
25EWWV8WM3F05CHK
ETag
"5687ebfe865ae4f18cf0af43f5482e89"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
6420
x-amz-id-2
oNVSSfFS4NOcJy/W96X392fWDiag3Qy3TLykegN2H4iAt7h1WS5Au2/T2yU3LtNJYhUKepM0p2U=
chevron-left-solid.svg
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		464 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/chevron-left-solid.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c326ccc1689a51d7804d727ca92782455b9fd94f67eaca14cabbb71b7c8eb51e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
4193772
etag
W/"5d893779-1d0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1d809c1b3c2-MIA
alt-svc
h3=":443"; ma=86400
chevron-right-solid.svg
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		509 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/chevron-right-solid.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
98223037c7bfbf8695cafbfd041165f5d043feb38caa2b6f355d5a5523aa4eea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
age
3837251
etag
W/"5d893779-1fd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1d809c2b3c2-MIA
alt-svc
h3=":443"; ma=86400
prebid.js
hb.brainlyads.com/ Frame D13A 		632 KB
208 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0cd3b9ad07291b3884014188f6075141eca6a81a32e2a5bd1d380f29119340ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 21 Dec 2023 20:56:06 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6584a666-9df43"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 12 Jan 2024 01:28:28 GMT
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5270155ff4a7e8b5f899599bed68fd18e6bc5a609ca7a451371f3ae24e2380a1

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:32:46 GMT
content-encoding
gzip
age
3342
x-guploader-uploadid
ABPtcPp7mcNVZOgElIwqBwX4-LbGt9IGiJhmZMew39xEfEz11ciuwF84MGWiWwv3BYgWOI4XrxYERMTp0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4414
last-modified
Tue, 05 Sep 2023 21:42:04 GMT
server
UploadServer
etag
"56cff1ac2bd95e622835d72dedff0636"
x-goog-generation
1693950124083244
x-goog-hash
crc32c=wEBOGA==, md5=Vs/xrCvZXmIoNdct7f8GNg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
4414
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
text/html
expires
Sat, 06 Jan 2024 00:32:46 GMT
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5270155ff4a7e8b5f899599bed68fd18e6bc5a609ca7a451371f3ae24e2380a1

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:32:46 GMT
content-encoding
gzip
age
3342
x-guploader-uploadid
ABPtcPp7mcNVZOgElIwqBwX4-LbGt9IGiJhmZMew39xEfEz11ciuwF84MGWiWwv3BYgWOI4XrxYERMTp0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4414
last-modified
Tue, 05 Sep 2023 21:42:04 GMT
server
UploadServer
etag
"56cff1ac2bd95e622835d72dedff0636"
x-goog-generation
1693950124083244
x-goog-hash
crc32c=wEBOGA==, md5=Vs/xrCvZXmIoNdct7f8GNg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
4414
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
text/html
expires
Sat, 06 Jan 2024 00:32:46 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=staradvertiser.com&p=%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&u=BZrUvzDXMdnwBwzJOh&d=staradvertiser.com&g=48334&g0=Top%20News&g1=Associated%20Press&n=1&f=00001&c=0&x=0&m=0&y=4744&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&b=4669&t=Cg_P3IDv3fU9CFNua1BncpGVBUIYri&V=143&i=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&tz=600&_acct=anon&sn=1&sv=6wmX1DMZZK2CtCFufCc_GvkDC00Po&sr=external&sd=1&im=067b0fff&_
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.113.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-113-238.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
249828
expires
60
json
trc.taboola.com/oahu-staradvertiser/trc/3/ 		96 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/oahu-staradvertiser/trc/3/json?tim=15%3A28%3A28.406&lti=deflated&data=%7B%22id%22%3A59%2C%22ii%22%3A%22%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1704365579155%2C%22vi%22%3A1704418108401%2C%22cv%22%3A%2220240104-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Afalse%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F%22%2C%22vpi%22%3A%22%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4718%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A3375%2C%22mw%22%3A760%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A3762.1875%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
07892e5166a4107d71e18cad4df4f60fa60f44d467f3b6f99d4231226b50ed6d

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
560
date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.23666666666666666
x-fastly-to-nlb-rtt
30858
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mia-kmia1760087-MIA
x-log-content-encoding
gzip
server
nginx
x-timer
S1704418108.425804,VS0,VE560
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
analytics.google.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-73ZHFY4ZMB&gtm=45je4130v9105050524z89100482881&_p=1704418104928&_gaz=1&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=495654607.1704418108&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704418108&sct=1&seg=0&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&dt=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&en=page_view&_fv=1&_ss=1&ep.dimension4=No%20Name%20Found&tfd=4917
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-73ZHFY4ZMB&cid=495654607.1704418108&gtm=45je4130v9105050524z89100482881&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=66608816&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ul=en-us&de=UTF-8&dt=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=23074486&gjid=1443334093&cid=495654607.1704418108&tid=UA-16272709-1&_gid=1065753684.1704418108&_r=1&_slc=1&gtm=45He4130n815VRMHDKv9100482881&cd4=No%20Name%20Found&cd5=GTM_UA&gcd=11l1l1l1l1&dma=0&tcfd=10000&z=284997397
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=66608816&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ul=en-us&de=UTF-8&dt=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=qwpag7&_u=YDDAAEABAAAAACAAI~&jid=&gjid=&cid=495654607.1704418108&tid=UA-16272709-1&_gid=1065753684.1704418108&gtm=45He4130n815VRMHDKv9100482881&cd4=No%20Name%20Found&cd5=GTM_UA&gcd=11l1l1l1l1&dma=0&tcfd=10000&cd2=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fc13p8ejhds%2Fscyt0l%2Fqwpag7&z=1808735649
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 03:55:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
77567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.221.132 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-221-132.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 04 Feb 2024 01:28:28 GMT
date
Fri, 05 Jan 2024 01:28:28 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
error
api.assertcom.de/ 		0
314 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/error
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=251&sync=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
6558
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8407f1db4fa49ae5-MIA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
251
p.ad.gt/api/v1/p/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/251
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aeb2e636f634270d214e57ea9b3e371376e9d23b9d90c616f7dc71b688d949e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2024 01:24:40 GMT
server
cloudflare
age
228
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8407f1db5d0fda87-MIA
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001704418109-NTS4H3MM-VH3X%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&adnxs_id=7386633197929965226&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&adnxs_id=7386633197929965226&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1ddf8d774b4-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:28 GMT
an-x-request-uuid
7985755a-0dc1-42d8-8ed2-bb476f9b6990
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&adnxs_id=7386633197929965226&gdpr=0
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704418109-NTS4H3MM-VH3X&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704418109-NTS4H3MM-VH3X&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=736096f3-a33b-4e74-a900-147a47dba0f3&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=736096f3-a33b-4e74-a900-147a47dba0f3&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1ddf8d674b4-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=736096f3-a33b-4e74-a900-147a47dba0f3&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
date
Fri, 05 Jan 2024 01:28:28 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704418109-NTS4H3MM-VH3X
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704418109-NTS4H3MM-VH3X
  • https://ids.ad.gt/api/v1/pbm_match?pbm=A0864502-06A0-4ED8-A79E-7CD263E71299&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=A0864502-06A0-4ED8-A79E-7CD263E71299&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1ddf8d474b4-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=A0864502-06A0-4ED8-A79E-7CD263E71299&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
date
Fri, 05 Jan 2024 01:28:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rub_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001704418109-NTS4H3MM-VH3X&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&rub=LQZYJ7Y5-28-J2H9&gdpr=0
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&rub=LQZYJ7Y5-28-J2H9&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:28 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1dc4d4474b4-MIA
content-length
43
content-type
image/gif

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&rub=LQZYJ7Y5-28-J2H9&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001704418109-NTS4H3MM-VH3X&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704418109...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001704418109-NTS4H3MM-VH3X&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4997edfe-4ce1-4693-848f-c8b66f02f74e%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=736096f3-a33b-4e74-a900-147a47dba0f3&ttd_puid=4997edfe-4ce1-4693-848f-c8b66f02f74e%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&tapad_id=4997edfe-4ce1-4693-848f-c8b66f02f74e
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&tapad_id=4997edfe-4ce1-4693-848f-c8b66f02f74e
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1deaa9274b4-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&tapad_id=4997edfe-4ce1-4693-848f-c8b66f02f74e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&google_gid=CAESEN4pxqMjqaAnxjFuBYirIQo&google_cver=1&google_ula=450542624,0
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&google_gid=CAESEN4pxqMjqaAnxjFuBYirIQo&google_cver=1&google_ula=450542624,0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1dda84b74b4-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&google_gid=CAESEN4pxqMjqaAnxjFuBYirIQo&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001704418109-NTS4H3MM-VH3X
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDQxODEwOS1OVFM0SDNNTS1WSDNY
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDQxODEwOS1OVFM0SDNNTS1WSDNY
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDQxODEwOS1OVFM0SDNNTS1WSDNY
date
Fri, 05 Jan 2024 01:28:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1dc1cf674b4-MIA
content-type
text/html; charset=utf-8
beeswax_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001704418109-NTS4H3MM-VH3X
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001704418109-NTS4H3MM-VH3X&_bee_ppp=1
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAAQHk7LLrYAABaDzK28HA&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAAQHk7LLrYAABaDzK28HA&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1e1e84674b4-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAAQHk7LLrYAABaDzK28HA&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
Date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
son_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&uid=770043a8-af77-46db-9a99-c38ce904d888&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&uid=770043a8-af77-46db-9a99-c38ce904d888&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1e00d1374b4-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-180
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&uid=770043a8-af77-46db-9a99-c38ce904d888&gdpr=0
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
adb_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001704418109-NTS4H3MM-VH3X&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001704418109-NTS4H3...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001704418109-NTS4H3MM-VH3X&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
  • https://ids.ad.gt/api/v1/adb_match?adb=52484525425390576564160136390183098686&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=52484525425390576564160136390183098686&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1e18fab74b4-MIA
content-length
43
content-type
image/gif

Redirect headers

dcs
dcs-prod-va6-2-v053-0bd4383af.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
a2+sDMnyTRU=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://ids.ad.gt/api/v1/adb_match?adb=52484525425390576564160136390183098686&id=AU1D-0100-001704418109-NTS4H3MM-VH3X
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
track
t.teads.tv/ 		23 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&pageId=57606&pid=62653&debug_metadata=y1UsooLEyU&fv=1309&ts=1704418108804&f=1&referer=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.44.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-44-83.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&pageId=57606&pid=62653&slot=polymorph&fv=1309&ts=1704418108815&f=1&referer=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.44.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-44-83.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame F936 		84 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:5800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
999f5ed0e1d4d5d78f5afc1301a38c0c5d8aaffb16f511a910bf13025beaff1e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
vDZ03Nh4PHNVrs8HyofZavC0FIVLpp1Y
content-encoding
br
via
1.1 46dd9daa6209c4a2b51ec7ba64ab699e.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 00:03:13 GMT
last-modified
Thu, 30 Nov 2023 21:16:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
age
5129
x-amz-server-side-encryption
AES256
etag
W/"ed389335ec0a417a07e8124e53be2300"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
yI2oQOWHjqfRUubcUxDLmHNCFUxKRBr4uL_4qI8x74DseSAgoa7FJw==
view
securepubads.g.doubleclick.net/pcs/ Frame F936 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvx4-wU94UQJqoVi_6TEhyRsF_S3hseyerEIFhaeWXhUcSjzkSjYk-LBtX9GHnpToIQspjoOEwrhWSEFRIyQDt1uLqqjMAeUeldkFUOgtD4v4dkJh2Iu3OjZu9NWbB2USAnzgdCDYUJ0oFnuOaIjzZomeytGCKQc0EKl2BynhOWSSMk20cWxIs7fjXMFtHnL9Cii9mAbVbBWhLRZSI_4PnTi5jtyl1MSmUYw3JOLsFsS4He3hXF5xC6kPI1P1SzOBkjr3NXCdgrVs_CoA4blLTSDenxD8ebyJjvrSWM_AZAmV63FgbN6EQ8NLFwzAsetXdifrck6letY8-JQKWxcMlaB5jxiQfzo4fnCDcRt0uVtC_0BjCgV-0b6Fkr0VY7dnibD4aQ6lV5ig&sai=AMfl-YQq5vEBnsNPiKLLP_xJGWLzw-sOVDCZrSJ4ENyKc3D_DQlS76ZRBE9xSXUBzaj1A0Uk3GqVbVdE0QsN-qdCyT0Eri-oF94__SMrI09Hta6FtpLhPQtzEghLDBuki3a-k8rEL6ywaP5MuDpBzjmoTM5C&sig=Cg0ArKJSzKwUo1tNNNFuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
aaw.staradvertiser.js
increaserev.com/ads/ob/tage/ Frame F936
Redirect Chain
  • https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6b...
  • https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
618 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700:20::681a:7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d9873665b253d82363533546fc42d0f280acd1608ff0d530e248991a0659fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Dec 2023 16:46:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRx83pNrnPKwNpNV4EaNpXn142NQb%2BwDmSiYAVi8FDGh8ZnEiI%2F1IntsNjseFZqbR%2FRp1bPNl1wlR2C6T6cNPXyUrbCEE4L2%2BgArmJ76x4jQr48nk%2F4mtP3dM%2FGhHfd8ibGHCdF2wLcZKj7F2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8407f1e9dabf4c10-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 05 Jan 2024 01:28:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
location
https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F936 		204 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:28:29 GMT
bulk-metrics
trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/oahu-staradvertiser/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.staradvertiser.com
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
v.clarity.ms/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 05 Jan 2024 01:28:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
/
reporting.powerad.ai/ 		2 B
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
js
www.googletagmanager.com/gtag/ 		227 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5CQE7K4MEN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137034616-28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f75c487ef2df0561afea906b6128325548e6b4f142f3e42eefa5c6ea0ad7948
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81859
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Jan 2024 01:28:29 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=66608816&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ul=en-us&de=UTF-8&dt=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAAUABAAAAACAAI~&jid=957412522&gjid=501247779&cid=495654607.1704418108&tid=UA-137034616-28&_gid=1065753684.1704418108&_r=1&gtm=457e4130&gcd=11l1l1l1l1&dma=0&tcfd=10000&jsscut=1&z=437811569
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137034616-28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 01:16:40 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
709
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 05 Jan 2024 03:16:40 GMT
/
geo.privacymanager.io/ 		30 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-81.iad66.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:30:54 GMT
via
1.1 ff071fa99e74a44c6556cef90e125ca8.cloudfront.net (CloudFront), 1.1 8a39851a9fdfa096ba6f1e618ed88f40.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2, IAD66-C2
age
61055
x-amzn-requestid
c53bf946-e3a0-4dd7-a05d-d872aff6bc21
x-amzn-trace-id
Root=1-65966cbe-3d753cc7250c6f656d6ad57e;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RAXtxG3fDoEEIrw=
content-length
30
x-amz-cf-id
JoMdFmTpvvVCZskHSFaveOO2f30wCk8E3z-yzM5PxMowDaG9A9Zc3w==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
spc_fi.php
cdn.firstimpression.io/delivery/ 		38 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7470&url=%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&charset=UTF-8&ch=15&ref=www.staradvertiser.com&viewerId=null&referer=&_firid=77366235
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-40.iad55.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
2831fc70c2d796eec89c48912bcc2d2fbd90525b8f5920c83d2dab8457a679bc

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:29 GMT
Content-Encoding
gzip
Via
1.1 c378d79f6d61c9af35c366d426990acc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD55-P2
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Content-Length
7212
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
8z5lbahj9hV-NcRqBU4oay75xcRhyNLUqQAFpK6Y0fRsXFpr9yZeOw==
Expires
0
ares-unit.css.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame 238D 		47 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9b091cc3c88e48640b9a667d982a9ee4248e45d346274b4270522aa12811d872

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:22:06 GMT
content-encoding
gzip
age
383
x-guploader-uploadid
ABPtcPrqm8yMKhg0wseiQt9b03y-X_fC8KUMKX2S-lW9vAq8VggXlzmZrtK9j3BWzcfQMq8gtt-MH-Xjmg
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-staging
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8022
last-modified
Tue, 28 Nov 2023 23:16:02 GMT
server
UploadServer
etag
"d1b97585dedac242053969ace3b3f27e"
vary
Accept-Encoding
x-goog-generation
1701213362670555
content-language
en
access-control-allow-origin
*
x-goog-hash
crc32c=GwGexg==, md5=0bl1hd7awkIFOWms47Pyfg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
8022
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
expires
Sat, 06 Jan 2024 01:22:06 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame 238D 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3253311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16344
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbpuvPwpwXiEw2SO1sh%2FeJlzCyUTDIfUluPM2NDak9ggv8hiGXSJzwXQzWvoXjw2Hw%2FuHnp99b2xx6zkKx5CsSpcTKQPh%2BVZYWtZq3KwD2x4EIPXK6NcAOE5ejZIG7fqqr0GiWDjymfzqf0CxwniX%2Fik"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8407f1de4a790971-MIA
expires
Wed, 25 Dec 2024 01:28:29 GMT
sp.js.gz
snowplow.ownlocal.com/ Frame 238D 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:50:10 GMT
content-encoding
gzip
age
2299
x-guploader-uploadid
ABPtcPrqygXRODs-Sk0jQDTU0dMDnY2qguAG8u8nNMYIGCrROKeeMIRDXnruAqrH-OX6KX0mFVY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29912
last-modified
Mon, 09 May 2022 19:34:21 GMT
server
UploadServer
etag
"e523a607826b707d5b388f1157cf0db7"
vary
Accept-Encoding
x-goog-generation
1652124861687069
x-goog-hash
crc32c=yl0zPw==, md5=5SOmB4JrcH1bOI8RV88Ntw==
content-type
application/x-javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
29912
accept-ranges
bytes
expires
Fri, 05 Jan 2024 01:50:10 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame 238D 		103 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 01:28:29 GMT
age
1422934
detected-user-agent
Chrome/120.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=3
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
normalized-user-agent
chrome/120.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame 238D 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2984575
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGJNESNS8TS7EJTZ8QC0HXS5-mia
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1df9cba9ab4-MIA
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame 238D 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2688962
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGVFC5CKE7QH97M3MRZS9NFM-mia
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1df9cbb9ab4-MIA
ares-unit.css.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame E3AD 		47 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9b091cc3c88e48640b9a667d982a9ee4248e45d346274b4270522aa12811d872

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:22:06 GMT
content-encoding
gzip
age
383
x-guploader-uploadid
ABPtcPrqm8yMKhg0wseiQt9b03y-X_fC8KUMKX2S-lW9vAq8VggXlzmZrtK9j3BWzcfQMq8gtt-MH-Xjmg
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-staging
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8022
last-modified
Tue, 28 Nov 2023 23:16:02 GMT
server
UploadServer
etag
"d1b97585dedac242053969ace3b3f27e"
vary
Accept-Encoding
x-goog-generation
1701213362670555
content-language
en
access-control-allow-origin
*
x-goog-hash
crc32c=GwGexg==, md5=0bl1hd7awkIFOWms47Pyfg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
8022
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
expires
Sat, 06 Jan 2024 01:22:06 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame E3AD 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3253311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16344
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTCfc4sLTvqm41oNGCIi0cYj4Nyj7DMHlF3wRY4IsLgBPRSRo8GFUP8FXDPEhbrCUStZTK0fRWt9gfsbSXXVlWjcWGKtYEhYseZCSdOh5kA8ffrEVBDqReWqIOb2Co1%2Bvm4Udn7s8cqtXFOsZ3n9tOYF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8407f1de6a9e0971-MIA
expires
Wed, 25 Dec 2024 01:28:29 GMT
sp.js.gz
snowplow.ownlocal.com/ Frame E3AD 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:50:10 GMT
content-encoding
gzip
age
2299
x-guploader-uploadid
ABPtcPrqygXRODs-Sk0jQDTU0dMDnY2qguAG8u8nNMYIGCrROKeeMIRDXnruAqrH-OX6KX0mFVY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29912
last-modified
Mon, 09 May 2022 19:34:21 GMT
server
UploadServer
etag
"e523a607826b707d5b388f1157cf0db7"
vary
Accept-Encoding
x-goog-generation
1652124861687069
x-goog-hash
crc32c=yl0zPw==, md5=5SOmB4JrcH1bOI8RV88Ntw==
content-type
application/x-javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
29912
accept-ranges
bytes
expires
Fri, 05 Jan 2024 01:50:10 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame E3AD 		103 B
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 01:28:29 GMT
age
1422934
detected-user-agent
Chrome/120.0.0
server-timing
HIT-WAIT, fastly;desc="Edge time";dur=2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
normalized-user-agent
chrome/120.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame E3AD 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2984575
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGJNESNS8TS7EJTZ8QC0HXS5-mia
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1df9cbf9ab4-MIA
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame E3AD 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2688962
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGVFC5CKE7QH97M3MRZS9NFM-mia
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8407f1df9cc19ab4-MIA
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16272709-1&cid=495654607.1704418108&jid=23074486&gjid=1443334093&_gid=1065753684.1704418108&_u=YADAAEAAAAAAACAAI~&z=430143133
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 05 Jan 2024 01:28:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pv
api.btloader.com/ 		0
12 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=6rBsx5QcO&w=4842806937387008&o=4879373895204864&cv=2.1.27-2-g1727909&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&sid=lakMZkkmc&pm=true&upapi=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 05 Jan 2024 01:28:29 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
getuidj
ib.adnxs.com/ 		29 B
879 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d6e1781382459617527de45bb7cadc805553e724a72d42bc74e9afde62dec85f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:29 GMT
an-x-request-uuid
9dd58575-0066-4ff6-80e9-1ecce9b9de32
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rid
match.adsrvr.org/track/ 		108 B
708 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
bd7726ab279110390a329b55a14d082d04f90a25aa51196728afc3641c7b9708

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 04 Feb 2024 01:28:29 GMT
ad
a.teads.tv/page/57606/ 		569 B
977 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/57606/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&autoplay=true&formatVersion=1309&env=js-web&netBw=10&ttfb=97
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
90344955f5713c57fa128f295170451788c77c9f1f97473f0b34a29f1db37aa8

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:29 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
400
expires
Fri, 05 Jan 2024 01:28:29 GMT
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1eda5a22ae0ee3edb6d629fa72ff806cbd1e54de7bafa122cd26ace6ee69679d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:38:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 01:28:29 GMT
IV3njZBSGk-NcIaOFkzhPw.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/IV3njZBSGk-NcIaOFkzhPw.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d4c38f07000ca13625e0f2d6ea9d9eacfab8f2c435b6321a3dc19035d0258e84
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
maBrqDF2qmxmsDGuu6zBbQ==
content-length
43027
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 09:56:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC0D0B75CB5F2D
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
3aa0e1d4-901e-0006-4a0e-3f0e0e000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
9cKsjQoNZk-KX7wS06bpkg.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/9cKsjQoNZk-KX7wS06bpkg.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cb1601b118cb22a328ce403da0ce68713b837bf95dcf609cc771947566b3dfad
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
KkuhM7XxV+JuEkjwNAfAtg==
content-length
36273
x-ms-lease-status
unlocked
last-modified
Wed, 03 May 2023 08:55:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4BB425EA8214
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
be91e23d-801e-0047-70ed-8056ea000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
520OvDiIjkaiiLT9PozMNw.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/520OvDiIjkaiiLT9PozMNw.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
91fb1a0303ee80bf55702d97c5e8f020339bde5f5fa740a4acea2be37091a188
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
eFdkyW3WxdOhMvIjHLPppg==
content-length
175353
x-ms-lease-status
unlocked
last-modified
Wed, 04 Oct 2023 14:42:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBC4E820C60988
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
329aa8d4-201e-002c-6364-28d11e000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
be874d28-7c97-465c-8d27-0d49c6ae82d4.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/be874d28-7c97-465c-8d27-0d49c6ae82d4.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4105740479727a011f51285d53792c0b1c16f756fad37a877eff83054a578a65
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
mGlZ23vYUlecyXNnw5hEVA==
content-length
124727
x-ms-lease-status
unlocked
last-modified
Fri, 11 Apr 2014 02:02:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D12341440E4CE0
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
57abb105-101e-006a-1a5e-3fe599000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
f1b0113b-bcd5-4de0-a096-dda1c255a836.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/f1b0113b-bcd5-4de0-a096-dda1c255a836.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
11d7b8a1dec362f1eef1b6e031ad004ac31d12df001a74e559d31108401bb58d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
34bkRtM9ABfAv4MGX+frng==
content-length
87610
x-ms-lease-status
unlocked
last-modified
Tue, 24 May 2016 06:31:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D3839CFE9D7FD6
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b351a389-b01e-002e-1866-286fa6000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
6306d362-8367-417a-9ae2-2ec40709bad8.medium.JPG
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/6306d362-8367-417a-9ae2-2ec40709bad8.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
72fda1fa4710db934229dd87e4be7d1267eb89d3e849c9d781ed768bee1d310d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
yB9zaaXeS9D7hFGC+96pkg==
content-length
9980
x-ms-lease-status
unlocked
last-modified
Fri, 20 Sep 2019 07:38:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D73D9D7D8145F6
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
faff1cd6-c01e-000b-15cb-2fc6da000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
_JLzkfGW8kyiGBq6UHEckQ.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/_JLzkfGW8kyiGBq6UHEckQ.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a0a9980a169c8d00f1d15cf550a0042f66830dc82087fbbd1c072e9aef393d90
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
IFt5inC/Tdpy8q6Aeu6atw==
content-length
262114
x-ms-lease-status
unlocked
last-modified
Sun, 20 Nov 2022 01:43:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DACA98A0010835
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
2e2b4399-101e-007a-6567-2820f1000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
dwoUTuBwR0iRZARq7gQufw.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		286 KB
286 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/dwoUTuBwR0iRZARq7gQufw.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1b51cda29b67de66c6e1f4162f1658593331aa5969277734b302718847590049
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
/b4ytS7/ItKpaMDyOMLtoQ==
content-length
292455
x-ms-lease-status
unlocked
last-modified
Sun, 20 Nov 2022 01:43:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DACA98A0A126ED
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
2e2b438b-101e-007a-5967-2820f1000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
dff8d9fb-5b82-4619-bbeb-db10f87b79b1.medium.JPG
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/dff8d9fb-5b82-4619-bbeb-db10f87b79b1.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22c47ffbe21c5caa8e79dfa00fce0665be86891e5ab44a9d762c707ab4eddccc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
y/xe3iVLrPM306esAueKsg==
content-length
11139
x-ms-lease-status
unlocked
last-modified
Tue, 26 Apr 2022 20:03:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA27BFCE149731
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
2b5de316-001e-0076-5427-2bb7f9000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
6deebcad-ee4f-42ac-bdf5-3b2d616dab4b.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/6deebcad-ee4f-42ac-bdf5-3b2d616dab4b.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bb6ba5e9ea1677a129cec7c8196a74507dbcf98a423093a61c384b061983d0b9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
uitpi2QgokMP+x8xSGHWbA==
content-length
125592
x-ms-lease-status
unlocked
last-modified
Fri, 02 May 2014 09:04:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D133FCA1282A03
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
7a5363df-101e-0055-78fc-6e2d3a000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
CZJi2Lf3ikym22dcMKKyxA.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/CZJi2Lf3ikym22dcMKKyxA.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4b49a4a4c70d87395a46a310a9aaef413d5d2a5ff50a59df3245c65e4a404dd0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
+o4Zgh4TV1qNAS4ZDLpdmQ==
content-length
187589
x-ms-lease-status
unlocked
last-modified
Sat, 23 Sep 2023 14:14:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBBC3F77FE9316
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
f64c1f83-201e-004e-7c5d-301339000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
d3f6717b-fe40-4250-852d-756575a0a61e.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/d3f6717b-fe40-4250-852d-756575a0a61e.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ed3c509e79b1db66a421f9a82c3c0be8af6733b2c4fc0a80b6f6b9521bc7b91b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
WxoZxIBi4Uk+pHUpXchNmw==
content-length
110650
x-ms-lease-status
unlocked
last-modified
Sat, 10 May 2014 22:57:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D13ABA4C388546
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
8243b084-501e-006b-2603-38ba45000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
a236cd9e-3bc6-4b8e-84f0-de9a2c59f767.medium.PNG
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/a236cd9e-3bc6-4b8e-84f0-de9a2c59f767.medium.PNG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e04a56ad7a9b4d9ff57c4ba0203045adbbb08341e6e629a352be098dc54623a4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
mBqhzCfHVwftrFmq1dXWJQ==
content-length
20187
x-ms-lease-status
unlocked
last-modified
Wed, 24 Mar 2021 19:14:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8EEF90C247053
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
83db4457-f01e-0062-5a67-28ff96000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
gWe7-rYlRU2XhuJXs1856g.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/gWe7-rYlRU2XhuJXs1856g.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bac8cfbf824211c968347626abb52b1fa52986b638d87ea2da59c2d36a461281
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
sEpBVIz4pX1c0wVtuOcRNA==
content-length
35160
x-ms-lease-status
unlocked
last-modified
Sat, 27 May 2023 01:17:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB5E501798ECAC
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
172a48a6-501e-0044-31b3-90b78e000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
0e2cd19d-aff1-474f-a620-401015d22ac6.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ 		173 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/0e2cd19d-aff1-474f-a620-401015d22ac6.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
484f92ecc4e65590cd108590603323c0f65584cb8305af6995bba74ac812de05
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Fri, 05 Jan 2024 01:28:29 GMT
strict-transport-security
max-age=0
content-md5
JVAyG9Zxt5b5fM1qNbyOEg==
content-length
177506
x-ms-lease-status
unlocked
last-modified
Sun, 20 Nov 2016 19:08:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D411789D89811C
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c71662a3-a01e-001d-63b5-a4300d000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Sun, 07 Jan 2024 01:28:29 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:25:51 GMT
x-content-type-options
nosniff
age
158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 01:25:51 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2853752&ntv_pl=1071098
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.141.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-141-199.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:29 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=3a5f20b8-1d61-44e0-8739-5f6d135d501d&ntv_fl=W6Y2CVR50ABR51L5Wc0JfkQkUPWv6Fn2wPbH9oXuqhODIL4zJCeyTsUeJl1SoqLOlZ6Xm4uPHktuW7CGRDf2aV5uytDh9vSCfG0OeveXviHCEewKciiKCv6kRW88DIgm2jFYC36hJre6EGk2NOck2jlgzumD61tqtrp_feMOyRL7f58drKtnyC47_HfB-ktJXWr29z8rzNM-Yd3Q5lGpLbgMm8WOlaFfqpDSgt1OCx2Kzcd_JyDTUHMJNe3eEn22Pn5gBctnD8b8B8gKH3xdthLdRJOCmWlU3V2rU_pJLAhJU-Bn6Rk0MoHiNnMYB0nYqtcHWowBvy86vyagGen9lk8pyFU_C7dUQDdPJQaSfq-vbHrRojghqMLsNzcwT7ql2KIHWVRgnCejQWX2-oEfCuB0oRHyzzDHARsMlr7lG3nNNtSjBpOHXoz19e1R2plGI8_frVMBsJp7h8mmGFc6SfbYigQlU0qYqSDr6h4y5tWx9LPtlbe_3PMB952-mXxp-snYeW7sD6ix6RbuyngOM0mVRJHSOn0H3BNTyFSuEKrcA6qDh-00e_ot2YmUwbfBq4bgy9vw5ufBFcHw119e2tbhifBwB9meA8ZKk4jxwvE=&ntv_ht=O1uXZQA&ntv_at=303,302&ntv_a=AAAAAAAAAA-lcQA&ord=1704418109442&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.141.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-141-199.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:29 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
web1_14550680-921e5d1318ef46598f294e5d6d7bfa16.jpg
staradvertiser.wpenginepowered.com/wp-content/uploads/2024/01/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/uploads/2024/01/web1_14550680-921e5d1318ef46598f294e5d6d7bfa16.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
042c740b9b2255d7f1273a9cd677012278c5f10b8dccf808e0894b7d51149cd3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 01:20:39 GMT
server
cloudflare
etag
"65975967-9c2c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1e039d2b3c2-MIA
alt-svc
h3=":443"; ma=86400
content-length
39980
hotdealshawaii
api.payvibe.com/v1/site-url/status/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/site-url/status/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.200.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-200-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,authorization,content-type,secretkey
Access-Control-Request-Method
GET
Origin
https://travel.payvibe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
ACCESS-CONTROL-ALLOW-ORIGIN,AUTHORIZATION,CONTENT-TYPE,SECRETKEY
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, private
date
Fri, 05 Jan 2024 01:28:29 GMT
server
Apache
x-frame-options
sameorigin
hotdealshawaii
api.payvibe.com/v1/site-url/status/ Frame 0EEE 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/site-url/status/hotdealshawaii
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/public/assets/app.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.200.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-200-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
fe996ded19f3c853cd2ee96939b984adb1ef8c2da36b2a26811cae1c46fdb886
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Access-Control-Allow-Origin
*
secretkey
Referer
https://travel.payvibe.com/
accept-language
en-US,en;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:30 GMT
content-encoding
gzip
server
Apache
x-frame-options
sameorigin
vary
Authorization,Origin,Accept-Encoding
content-type
application/json
x-ratelimit-remaining
1968
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
2000
content-length
3130
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.7.5/ 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.7.5/UnitFeedManagerDesktop.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:29 GMT
via
1.1 177fd0f8c3e2c78883d72714aa07183a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MIA3-C3
age
386128
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34238
x-served-by
cache-mia-kmia1760099-MIA
last-modified
Sun, 31 Dec 2023 10:01:09 GMT
server
AmazonS3
x-timer
S1704418110.857551,VS0,VE0
etag
"cf9f8c79c74a3093183012fb770abf82"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Yt53WturBIqs4_spLp6yGzj5uLstl0PFiZLu5F07pTL4F1aXtuv3DQ==
x-cache-hits
26067
feed-card-placeholder.20240104-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20240104-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40eb4494f963b2f531935eb893e7c70b1bd4d8883ca07fde4edb042c4af11387

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
fMi2KLEulvb_uusjzoVCBQ4IFfzO1Ulw
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:29 GMT
x-amz-request-id
M57G7H0FF04BPQTT
age
51602
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
T5erGJJqhJ8JiIxkfSgoy4pJcR0T/afqGIa/yEXJgEboP7CFIxGH5OmLiS/XDiWYISkHpyooLXM=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Thu, 04 Jan 2024 11:08:27 GMT
server
AmazonS3
x-timer
S1704418110.794288,VS0,VE0
etag
"4f50a068fa248996321f367dcf8c7f52"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
81
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
75673
feed-footer-overlay.20240104-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-footer-overlay.20240104-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5652c0dbd08f9187e4225e7938fa125bc5d57ea0ce5e7eac30d7884293321934

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
DQErado5pY9kP3LZeIkBT5QRlA26aeY.
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:29 GMT
x-amz-request-id
C70ZE838VBB6SRM6
age
51600
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2948
x-amz-id-2
hRPhSf/aPXrNP+ZhjeSrOk9OmmGYFth5cILXrPVx+ZVpdgaLHndC+HiNzAAyir66DDVQ3LZfdaU=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Thu, 04 Jan 2024 11:08:26 GMT
server
AmazonS3
x-timer
S1704418110.795584,VS0,VE0
etag
"739a8c2f27188e38c78aafa68bfcc5b6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
26
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
865
distance-from-article.20240104-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240104-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e260c30045f1b05617f23476acdda8b93536de9e6446b757d7334250297c489

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
Qjywn6cL5rejK9hcls5CfyNwwPETx_4o
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:29 GMT
x-amz-request-id
A7D4KC4Y362J7Y6Q
age
51596
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
pVoL0gGEVJ8qNSeMClITm+Wl2YhC6njwm2lDQOaZLEnELskdMDRFZmYWLO1cS5fU0l42MrQl2J0=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Thu, 04 Jan 2024 11:08:34 GMT
server
AmazonS3
x-timer
S1704418110.804424,VS0,VE0
etag
"c5488a1b33b1d8b5475b133202fefc5b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
38
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
74100
article-detection.20240104-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240104-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65505f215e9d6c8317be522c00e041b7da5b7a22e8fb8a8d7485a76b691b16f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
rtc13dlxVVo9rGRt2uFsgEX7ziYl68I4
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:29 GMT
x-amz-request-id
NAVVDNEQSPD988MB
age
51589
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
8IMYUWq9s0QaBAoW/nc6B/0kQZuW/qIKfrSmLc+BLOI1sUh4QZ3p0Pbi5WvuBgBJhlT+20qEBZg=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Thu, 04 Jan 2024 11:08:40 GMT
server
AmazonS3
x-timer
S1704418110.807119,VS0,VE0
etag
"d1831c6c3ea7334404ec31ce08af0eaa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
97
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
74042
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:29 GMT
x-amz-request-id
RZZGQGVZZPBNNKPZ
age
72
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TuToo9aAD0jld3q5D8ajeiVuXn9+a9J1hEVyHxo2KBYzjTxcEbx+qhUr3v/GbBqX+2yHI1YJJe4=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1704418110.880420,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
92
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
77
userx.20240104-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20240104-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
682eea5c87bf67e804007deb37d6cc3e5eb7086374828b2af3edd3f3dda92da3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
gXOZGBIlMChbQZN6H7nE1LNB2AO93v3U
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:29 GMT
x-amz-request-id
F1Z79Z8E1GM69W4R
age
51628
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
1oPp0Iy1lmmlFaON0OytjZxVHrp+N5eQAFjbjJTP0azGoQ5PuMWNCMXciMK/yoGwPRMwYy1Lvlg=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Thu, 04 Jan 2024 11:08:01 GMT
server
AmazonS3
x-timer
S1704418110.913784,VS0,VE0
etag
"68f394774f9800b001f1f78014cbbc4d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13235
explore-more.20240104-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20240104-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13f016fc35d3cf152e8f989d05935bb90c6d1073c83611f04e908eef09229064

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
OOh4HsR59TIhrSya6Xm.I0scTRIhPVyd
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:30 GMT
x-amz-request-id
C70YGM7F9M0N8E9D
age
51600
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
eZRWQZx7Hv1mVVg6EuYRv2zt/1PnQ/hTj2owRMpgpFwfPdzevPlbno5Vc6Wc14TiZVwaaTEdG/U=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Thu, 04 Jan 2024 11:08:29 GMT
server
AmazonS3
x-timer
S1704418110.063169,VS0,VE0
etag
"a09e51c1496e0751b14b02309cd89e26"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
58
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
35464
abtests
ch-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/oahu-staradvertiser/log/3/abtests?route=US:CH:V&tvi2=10443&tvi48=11657&tvi50=11104&lti=deflated&ri=b14c472a780da084456a64c8ad9a2bcf&sd=v2_3f710bd07c3e753b785ba6f2ad6c8c40_055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc_1704418108_1704418108_CNawjgYQrK1FGPHH8bnNMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&pi=/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails&wi=5938811235174806824&pt=text&vi=1704418108401&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1704418109810%7D&tim=15%3A28%3A29.811&id=6675&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/oahu-staradvertiser/log/3/supply-feature?route=US:CH:V&tvi2=10443&tvi48=11657&tvi50=11104&lti=deflated&ri=b14c472a780da084456a64c8ad9a2bcf&sd=v2_3f710bd07c3e753b785ba6f2ad6c8c40_055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc_1704418108_1704418108_CNawjgYQrK1FGPHH8bnNMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&pi=/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails&wi=5938811235174806824&pt=text&vi=1704418108401&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A28%3A30.043&id=9562&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame 238D
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H2
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Jan 2024 01:28:32 GMT
x-content-type-options
nosniff
content-encoding
br
age
4994268
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34908
x-served-by
cache-fra-etou8220099-FRA, cache-mia-kmia1760042-MIA
x-jsd-version-type
version
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Jan 2024 01:28:31 GMT
x-content-type-options
nosniff
age
4497052
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
111
x-served-by
cache-fra-etou8220094-FRA, cache-mia-kmia1760042-MIA
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
inter.css
rsms.me/inter/ Frame 238D 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-fastly-request-id
3cc20aba27ad5ad046c329f82224fc258a9aa5d5
date
Fri, 05 Jan 2024 01:28:30 GMT
via
1.1 varnish
content-encoding
br
expires
Fri, 15 Dec 2023 09:03:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149
x-cache
HIT
x-proxy-cache
HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-mia-kmia1760084-MIA
last-modified
Mon, 20 Nov 2023 16:23:05 GMT
server
cloudflare
x-github-request-id
6208:3C1B:79862:99DB9:655B88B3
x-timer
S1700497963.042145,VS0,VE2
etag
W/"655b87e9-1b8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFZ3gq9xt4dnr0AdiMeyFYsZS85UVAL0eudshjbduNubWXr5e8fF%2B%2FrfUZ0V4hNie9tPINsF0hOuPNiUOft1q2UMJZMhPj%2B7B%2BpmXjZuyJwKudiwoyvjil%2Be43uE9eaIYDNwxWpm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
8407f1e5c8962604-MIA
x-cache-hits
1
css2
fonts.googleapis.com/ Frame 238D 		1 KB
474 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22ec16fa85ebbbba8861f114d18a832e56adae1029d64269ebc049246f6055f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 01:19:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 01:28:30 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=214055123&version=7.29.3-U&age=240105&cmd=GET&key=y3roexcY&c_id=13479&seq=1&order=2&vIndex=0&absoluteTime=6901.5&relativeTime=2544.4&canonical=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&EXTREF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&REF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&playerCfg=FL&playerType=FLOAT&serverHost=embed.sendtonews.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:30 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-55.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2db9dbe9e508943befef93ba539d3675a5e2c5701ce0671d5f2baab3070a116

Request headers

Referer
https://embed.sendtonews.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
7tPeP2y06Lzrusrk7vibUMM21T6DB.Rc
content-encoding
gzip
via
1.1 c1cecf43ad8e18f031edf5229ce4289c.cloudfront.net (CloudFront), 1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront)
date
Thu, 04 Jan 2024 07:11:18 GMT
x-amz-cf-pop
IAD61-P3, IAD89-C1
age
65833
x-cache
Hit from cloudfront
last-modified
Wed, 29 Nov 2023 22:05:10 GMT
server
AmazonS3
etag
W/"8c05f771b7f1423915f231f2744056e0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
ndznz5j2uSixTQNcI3trR-nW-Dka85iSFKhqM-7jMzOSbtW9FQxmPQ==
bootstrapper
tags.qortex.ai/ Frame 2894 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/bootstrapper
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
156
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqjPiunZZRcJAfkTISEVWJ86%2B3my8DLnF4UDfhSnwt7C90LehHKNo2%2FV8154KXrs5aiMPQNspkYLJN8zCEAQ%2B%2FGUPzqPj6nBHFA43SyLHsy%2FFTcKweGj%2Bh0tIMPBaDcjgsrHHvcA4oklPD09"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8407f1e6ff844c0f-MIA
nf0i2nv7daxum3ddpry3wvid6vtn78zq.png
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/nf0i2nv7daxum3ddpry3wvid6vtn78zq.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc05239e85f475138747c2e48ebb50f775cb16f10f248f9e6590cd103bd4d697

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:40:22 GMT
via
1.1 08f45c153a856ff7955174d0e6f60744.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
20889
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
158757
last-modified
Thu, 04 Jan 2024 19:23:14 GMT
server
AmazonS3
etag
"3e3f067e2083af8036a7be70cae2a607"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
fE2We_iWsqTsl8H5MSUWHZyrtx1KlzQ7R6kD8B1ZwAjGEFOJDm5HJA==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=214055123&version=7.29.3-U&age=240105&cmd=RTP&key=y3roexcY&c_id=13479&seq=1&order=3&vIndex=0&absoluteTime=6909.5&relativeTime=2552.4&sC_ID=13512&sm_id=3287948&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&REF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&playerCfg=FL&playerType=FLOAT&DS=found&eg.enabled=false&eg.delay=15&eg.ctdwn=5&eg.vl=30&eg.mid=rm&eg.source=p6&eg.time=false
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:30 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
identity
api.rlcdn.com/api/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 05 Jan 2024 01:28:30 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		108 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
815ff22a35fb6b584f35ddb3f69f00f581c941ffedbc38d9b5c9732a4a7413e8

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 05 Jan 2024 01:28:30 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 04 Feb 2024 01:28:30 GMT
/
id.sv.rkdms.com/identity/ 		2 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.99.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-99-162.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:30 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
2
vary
Accept-Encoding
content-type
application/json
ppid
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1---
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1---&b=1&g=%2BBjbB0yJ1CXoDOyA5XzgLs0p%2BHfG1Wq9jA9mDOpaG0A%3D&fp=%2FYCDo88H9fLPGXTvFNqMMloV8O6zk0RTxHxsoZR5jfcBuvi9V...
42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1---&b=1&g=%2BBjbB0yJ1CXoDOyA5XzgLs0p%2BHfG1Wq9jA9mDOpaG0A%3D&fp=%2FYCDo88H9fLPGXTvFNqMMloV8O6zk0RTxHxsoZR5jfcBuvi9VpHA4NqlPk%2FF2uNeFNu5%2BEhAWuK%2F8fgG4GakbA%3D%3D
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 05 Jan 2024 01:28:30 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.staradvertiser.com
location
https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1---&b=1&g=%2BBjbB0yJ1CXoDOyA5XzgLs0p%2BHfG1Wq9jA9mDOpaG0A%3D&fp=%2FYCDo88H9fLPGXTvFNqMMloV8O6zk0RTxHxsoZR5jfcBuvi9VpHA4NqlPk%2FF2uNeFNu5%2BEhAWuK%2F8fgG4GakbA%3D%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		503 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jan 2025 00:44:06 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:16:46 GMT
x-content-type-options
nosniff
age
144704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 09:16:46 GMT
ats5ctmxg2cs835goagjn67szx5m47zu.png
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		300 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ats5ctmxg2cs835goagjn67szx5m47zu.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54209b35085ed16f7bd576d44c27ae5ab18ae6baa9268a282b7e87bbd6e38d18

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:35:12 GMT
via
1.1 08f45c153a856ff7955174d0e6f60744.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
21199
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
307503
last-modified
Wed, 03 Jan 2024 19:23:38 GMT
server
AmazonS3
etag
"014ba21790e0b1fe1307fe062865355c"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
n7vjTaYUO8n1jH0pDMRC6FyYzp17tx05zYTpezCpvAkuxfqqspRiCw==
z7rl51p8qsw17p2r7f7k3z2a5sbgeng9.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/z7rl51p8qsw17p2r7f7k3z2a5sbgeng9.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5fd370d89657c7c2772c818ad007b9b56a82566f1bf2830b1dcd48cc43d8d9a

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:22:02 GMT
via
1.1 08f45c153a856ff7955174d0e6f60744.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
389
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
40362
last-modified
Fri, 05 Jan 2024 01:01:04 GMT
server
AmazonS3
etag
"e33ef5f2059d7da7ce324856bfaae11d"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
JM2M-H0466ZQkaZhEcM-Cj3wtXWhphstHyerTNjSVPQu1_8pWVUI-Q==
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame 2E5E 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
80407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 03:08:23 GMT
expires
Fri, 03 Jan 2025 03:08:23 GMT
last-modified
Mon, 18 Dec 2023 19:42:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 Jan 2024 01:28:30 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 26E3 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 05 Jan 2024 01:53:21 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame E3AD
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H2
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Jan 2024 01:28:32 GMT
x-content-type-options
nosniff
content-encoding
br
age
4994268
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34908
x-served-by
cache-fra-etou8220099-FRA, cache-mia-kmia1760042-MIA
x-jsd-version-type
version
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Jan 2024 01:28:31 GMT
x-content-type-options
nosniff
age
4497052
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
111
x-served-by
cache-fra-etou8220094-FRA, cache-mia-kmia1760042-MIA
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
inter.css
rsms.me/inter/ Frame E3AD 		7 KB
949 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-fastly-request-id
3cc20aba27ad5ad046c329f82224fc258a9aa5d5
date
Fri, 05 Jan 2024 01:28:30 GMT
via
1.1 varnish
content-encoding
br
expires
Fri, 15 Dec 2023 09:03:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149
x-cache
HIT
x-proxy-cache
HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-mia-kmia1760084-MIA
last-modified
Mon, 20 Nov 2023 16:23:05 GMT
server
cloudflare
x-github-request-id
6208:3C1B:79862:99DB9:655B88B3
x-timer
S1700497963.042145,VS0,VE2
etag
W/"655b87e9-1b8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3P9AqByNUmc3s3BjF%2FPnixIlQ0VoG6Ut6SLqKrVK35IwfSfnBumUCoAfl%2FFcFAqtsj%2BpiK40rUJPHNTDP0TzwDBKXwXIUUZ7qQ3Wj7pmNbp5jXA6mKfUjFrJvtDx0cL8eRHRvEQd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
8407f1e7ecd92604-MIA
x-cache-hits
1
css2
fonts.googleapis.com/ Frame E3AD 		1 KB
474 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22ec16fa85ebbbba8861f114d18a832e56adae1029d64269ebc049246f6055f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 01:22:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 01:28:30 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:32:23 GMT
x-content-type-options
nosniff
age
39367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 14:32:23 GMT
error
api.assertcom.de/ 		0
313 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/error
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:30 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-39CWM68PTE&gtm=45je4130v9122458175&_p=1704418107434&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=495654607.1704418108&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=1&sid=1704418110&sct=1&seg=0&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&dt=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&en=ad_impression&_fv=1&_ss=1&ep.query_id=CLrd8Z6MxYMDFS2AdwEdAakPbg&tfd=7255
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ Frame 0EEE 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://travel.payvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 13:54:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
41622
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138203
x-xss-protection
0
server
cafe
etag
14959461090202361603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 03 Jan 2025 13:54:48 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2894 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 13:08:23 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 71f1cca040033ebffc591cf9392d1528.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
age
44409
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
YFPK_Mvgsy1lE4y0sn9GnGjTBWG3r5-jbCA1GFI0jKpPpx6-OUQ3Ng==
6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
config.aps.amazon-adsystem.com/configs/ Frame 2894 		564 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-101.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
fca1b23045b6c777d30be22aea1e625ed8240bbc298886c7f3c1fce209ebbac2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:44:49 GMT
via
1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
2622
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
zgcr7setxhlqsMLwA-KdS7Ft5z90bE_9fNOK5gklcAkwLPIQVE9rjw==
config
c.amazon-adsystem.com/cdn/prod/ Frame 2894 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
Server /
Resource Hash
db474dcae6035d74edd4ebc274e72dfd03922a986af20695b13e292c817b78c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:41:03 GMT
via
1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C1
age
2846
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1764
x-amz-cf-id
Yqq7JHCKNyC_KAVCvz4Si_5RiqnrNHhxjM3VaUoBentf8m2mcAw20A==
bulk-metrics
ch-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/oahu-staradvertiser/log/3/bulk-metrics?tvi2=10443&tvi48=11657&tvi50=11104&route=US%3ACH%3AV&lti=deflated&bulkSize=12
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.staradvertiser.com
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:31 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/oahu-staradvertiser/log/3/abtests?route=US:CH:V&tvi2=10443&tvi48=11657&tvi50=11104&lti=deflated&ri=b14c472a780da084456a64c8ad9a2bcf&sd=v2_3f710bd07c3e753b785ba6f2ad6c8c40_055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc_1704418108_1704418108_CNawjgYQrK1FGPHH8bnNMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&pi=/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails&wi=5938811235174806824&pt=text&vi=1704418108401&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1704418110975%7D&tim=15%3A28%3A30.975&id=6363&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:31 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/oahu-staradvertiser/log/3/abtests?route=US:CH:V&tvi2=10443&tvi48=11657&tvi50=11104&lti=deflated&ri=b14c472a780da084456a64c8ad9a2bcf&sd=v2_3f710bd07c3e753b785ba6f2ad6c8c40_055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc_1704418108_1704418108_CNawjgYQrK1FGPHH8bnNMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&pi=/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails&wi=5938811235174806824&pt=text&vi=1704418108401&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1704418110996%7D&tim=15%3A28%3A30.996&id=5338&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:31 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
web1_CTY-pearlridge-shooting-7861.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-pearlridge-shooting-7861.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dd58ecb208f99270f46c7f9814f22bb6b69c878e3b90beb637422a2a4998e35f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-pearlridge-shooting-7861.jpg
age
1088523
edge-cache-tag
527355566972437210843519394552400703906,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
527355566972437210843519394552400703906,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
452
req-referer
https://www.staradvertiser.com/
content-length
68940
x-request-id
a4a362610e5c79a12a970542bd34f4f7
x-served-by
cache-iad-kiad7000131-IAD, cache-iad-kcgs7200045-IAD, cache-ewr18131-EWR, cache-iad-kiad7000119-IAD, cache-mia-kmia1760087-MIA
last-modified
Sat, 23 Dec 2023 11:03:26 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=60577,owidth=760,oheight=482,obytes=72965,ef=(1,13,17,23,30)
x-timer
S1704418111.031832,VS0,VE2
etag
"dbc79625b9ab74945892b28cf2d20d97"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 1914, 1
3dbeb7d7-a168-44e1-8d24-e7e9cf5bdb85__fofDlT8r.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/3dbeb7d7-a168-44e1-8d24-e7e9cf5bdb85__fofDlT8r.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3372d61bb24a29b990be815fca8b7c2f37d420489dcbbc965b292422c531d99b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/3dbeb7d7-a168-44e1-8d24-e7e9cf5bdb85__fofDlT8r.jpg
age
978407
edge-cache-tag
429502360380040084550538264685084002566,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
429502360380040084550538264685084002566,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
226
req-referer
https://www.wordstrivia.com/
content-length
26498
x-request-id
d457eaeaff38cfcb3e360d932ad37aaf
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kiad7000037-IAD, cache-lax-kwhp1940072-LAX, cache-iad-kcgs7200095-IAD, cache-mia-kmia1760087-MIA
last-modified
Sun, 24 Dec 2023 17:41:44 GMT
server
nginx
surrogate-reporting
width=1344,height=746,bytes=91558,owidth=1344,oheight=768,obytes=81998,ef=(1,13,17,23,30)
x-timer
S1704418111.031122,VS0,VE6
etag
"009810323a346dabee6ebc562a1d47dd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 2, 1
web1_CTY-Souki-Presser-179.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-Souki-Presser-179.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8636a73b9878ed61ed093aebaba886d237a65e5f2a9bacc9f1e4fe83df0f5b43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-Souki-Presser-179.jpg
age
570738
edge-cache-tag
552325519215372412059103937027714375383,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
552325519215372412059103937027714375383,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
469
req-referer
https://www.staradvertiser.com/
content-length
24726
x-request-id
be0f61e5c01d4cab9e87acba39ce05ce
x-served-by
cache-iad-kiad7000176-IAD, cache-iad-kiad7000066-IAD, cache-lax-kwhp1940076-LAX, cache-iad-kiad7000124-IAD, cache-mia-kmia1760087-MIA
last-modified
Fri, 29 Dec 2023 10:56:13 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=25991,owidth=760,oheight=509,obytes=35969,ef=(1,13,17,23,30)
x-timer
S1704418111.031111,VS0,VE2
etag
"6c689a81257805405e66bf2e08bde25b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 323, 1
web1_20231225-web-halawa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_20231225-web-halawa.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a86bc4efae5d48911a9c9d1eb782d0323d456e209dec3bf1bb94f70398142a89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_20231225-web-halawa.jpg
age
791753
edge-cache-tag
467595658597985235693976725673327835053,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
467595658597985235693976725673327835053,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
435
req-referer
https://www.staradvertiser.com/
content-length
18050
x-request-id
3b2cea591a119cbc56d28ebe59bfdf8d
x-served-by
cache-iad-kjyo7100048-IAD, cache-iad-kjyo7100050-IAD, cache-ewr18163-EWR, cache-iad-kcgs7200070-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 26 Dec 2023 21:32:39 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=27172,owidth=760,oheight=480,obytes=35689,ef=(1,13,17,23,30)
x-timer
S1704418111.031818,VS0,VE2
etag
"cd7e57027bab0ec93bb693294c02cdb6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 156, 1
rxaopuywd9nmbvpv3wpn.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702688418/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702688418/rxaopuywd9nmbvpv3wpn.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
77f63d7c65a401cc35826b9f92ad512cb75d3c25f9090ca3adc2693942584986

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702688418/rxaopuywd9nmbvpv3wpn.jpg
age
1715226
edge-cache-tag
551250791673032898452963158137280138864,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
551250791673032898452963158137280138864,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1026
req-referer
https://www.nbcnews.com/
content-length
34042
x-request-id
f9ecd700418151386a1d829f6f832736
x-served-by
cache-iad-kjyo7100031-IAD, cache-iad-kiad7000056-IAD, cache-lga21980-LGA, cache-iad-kcgs7200147-IAD, cache-mia-kmia1760087-MIA
last-modified
Sat, 16 Dec 2023 01:00:41 GMT
server
nginx
surrogate-reporting
width=800,height=400,bytes=33394,owidth=800,oheight=450,obytes=35976,ef=(1,13,17,23,30)
x-timer
S1704418111.032866,VS0,VE9
etag
"e49c39cf2097b1c5515625e08cb2e42b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 82, 1
af77a45c1acb96d530d950a8fc746591.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af77a45c1acb96d530d950a8fc746591.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a2a5cf5ea7091d348a4a9294a1deb17adaa92dc33e4a67cf48e2f8735567ea1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af77a45c1acb96d530d950a8fc746591.png
age
6247478
edge-cache-tag
616798352795341228116901273118547342111,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
616798352795341228116901273118547342111,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
144
expiration
expiry-date="Sun, 08 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://lotto.pch.com/
content-length
17412
x-served-by
cache-iad-kcgs7200116-IAD, cache-iad-kcgs7200116-IAD, cache-lga21933-LGA, cache-iad-kjyo7100087-IAD, cache-mia-kmia1760087-MIA
last-modified
Thu, 07 Sep 2023 02:57:52 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=600,obytes=839344
x-timer
S1704418111.038249,VS0,VE3
etag
"8b67c5f6e1119fe1ffd6a73c69dcd200"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 28, 1, 7, 1
a05b799a7a725669cf43f9042dc6968b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a05b799a7a725669cf43f9042dc6968b.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f9cea035234109c3ca1b29416fcc9add9063ae1b2a1fda0a2aeeec451a283e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a05b799a7a725669cf43f9042dc6968b.jpg
age
2041950
edge-cache-tag
297661626128632844129908423182959651870,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
297661626128632844129908423182959651870,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1933
req-referer
https://wjactv.com/
content-length
10120
x-request-id
17c410679a08d428c7902722928a8d4e
x-served-by
cache-iad-kiad7000172-IAD, cache-iad-kiad7000086-IAD, cache-ewr18181-EWR, cache-iad-kiad7000129-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 12 Dec 2023 06:27:57 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=24009,owidth=4800,oheight=2700,obytes=1439031,ef=(1,13,17,23,30)
x-timer
S1704418111.079590,VS0,VE1
etag
"ca3d21e74604bc90f4292f7337451c19"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 675, 1
40f989e0c159fdf23b99a68262bba912.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40f989e0c159fdf23b99a68262bba912.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
699baa2937619c2d707b5f96d43ddcabe4dec250144f56ee9680b79a59efd1fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40f989e0c159fdf23b99a68262bba912.jpeg
age
2552127
edge-cache-tag
563353420351332842934155591244207327815,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
563353420351332842934155591244207327815,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
242
req-referer
https://www.msnbc.com/
content-length
30898
x-request-id
f337d75d23ba36870daf29b10fb1f60a
x-served-by
cache-iad-kcgs7200024-IAD, cache-iad-kjyo7100166-IAD, cache-lga21920-LGA, cache-iad-kjyo7100138-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 06 Dec 2023 04:40:27 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=55178,owidth=1000,oheight=600,obytes=130280
x-timer
S1704418111.085599,VS0,VE0
etag
"28a8e7ee634d18c62ad8703018b5007c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 74, 2
5593b8acb6d29c5d5a032a8def958e59.webp
images.taboola.com/taboola/image/fetch/$pw_460%2C$ph_256/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/$pw_460%2C$ph_256/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/5593b8acb6d29c5d5a032a8def958e59.webp
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
da60b8624ed3187fd7bb43353bd93cf0f90fc106b077c2174f26f9c4c2495cdb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
13
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/$pw_460%2C$ph_256/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/5593b8acb6d29c5d5a032a8def958e59.webp
x-amz-cf-pop
JFK52-P5
age
787026
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT, HIT
x-envoy-upstream-service-time
64
req-referer
https://www.kens5.com/
content-length
12852
x-served-by
cache-iad-kcgs7200052-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 26 Dec 2023 16:37:48 GMT
server
nginx
x-timer
S1704418111.086600,VS0,VE13
etag
"7d02393edf7dc15253b1e34af3acaa44"
vary
ImageFormat
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
x-ratelimit-remaining
100
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
x-amz-cf-id
8Y0jPn9tn4mlPTCT3XTRR04tj-GPeJ4LP-ZhAGVz4gs0uQtKv-7GJA==
x-cache-hits
5, 1
5ef896f542dc7c279aaca6d82c3db8c8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5ef896f542dc7c279aaca6d82c3db8c8.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0299f98d3a69e6794b0be9c4ca011a0b964ebb07df4e40592accf006406a85a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5ef896f542dc7c279aaca6d82c3db8c8.png
age
4181177
edge-cache-tag
446288313853771791717899103975929058383,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
446288313853771791717899103975929058383,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
126
expiration
expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wordstrivia.com/
content-length
28574
x-served-by
cache-iad-kcgs7200100-IAD, cache-iad-kjyo7100048-IAD, cache-iad-kcgs7200057-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 20 Sep 2023 21:32:56 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=33623,owidth=2414,oheight=1476,obytes=4726308
x-timer
S1704418111.086352,VS0,VE2
etag
"c4267ca38fc35fc320fd846b6620e13e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 18804, 1
web1_CTY-pearlridge-shooting-7861.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-pearlridge-shooting-7861.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d2645456cb5c5ea8a32c52d8b2a2313d2b32656d99d2583551fd6386ad652e6c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
31
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-pearlridge-shooting-7861.jpg
age
1087280
edge-cache-tag
527355566972437210843519394552400703906,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
527355566972437210843519394552400703906,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
513
req-referer
https://www.staradvertiser.com/
content-length
84058
x-request-id
09be9c43cf7283ba325c6c86f52f9731
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kjyo7100147-IAD, cache-lga21943-LGA, cache-iad-kiad7000167-IAD, cache-mia-kmia1760087-MIA
last-modified
Sat, 23 Dec 2023 11:03:26 GMT
server
nginx
surrogate-reporting
width=760,height=380,bytes=53443,owidth=760,oheight=482,obytes=72965,ef=(1,13,17,23,30)
x-timer
S1704418111.086281,VS0,VE31
etag
"9b315389291b9ace80db142cc4bebdfb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 51, 0
web1_CTY-Souki-Presser-179.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-Souki-Presser-179.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dd68d9f527d4ecda69f14611874f498dfe40b7fac3b1cd198bfbda76dcd432cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
31
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-Souki-Presser-179.jpg
age
570108
edge-cache-tag
552325519215372412059103937027714375383,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
552325519215372412059103937027714375383,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
541
req-referer
https://www.staradvertiser.com/
content-length
32080
x-request-id
414285a4ba81ec86d0d030ed69ae25d4
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kjyo7100030-IAD, cache-lga21952-LGA, cache-iad-kiad7000057-IAD, cache-mia-kmia1760087-MIA
last-modified
Fri, 29 Dec 2023 10:56:12 GMT
server
nginx
surrogate-reporting
width=760,height=380,bytes=23885,owidth=760,oheight=509,obytes=35969,ef=(1,13,17,23,30)
x-timer
S1704418111.086279,VS0,VE31
etag
"617fbf393c2947f60d9516cdb2673fc0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 18, 0
web1_20231225-web-halawa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_20231225-web-halawa.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d177fb9d7629d5934c57175f0806c0247153c88279ab8c6868a0afa20f347e88

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
560
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_20231225-web-halawa.jpg
age
791228
edge-cache-tag
467595658597985235693976725673327835053,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
467595658597985235693976725673327835053,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, MISS
x-envoy-upstream-service-time
522
req-referer
https://www.staradvertiser.com/
content-length
19648
x-request-id
7e532bd054a66e299dfa8f8d8d15884b
x-served-by
cache-iad-kiad7000130-IAD, cache-iad-kiad7000135-IAD, cache-ewr18174-EWR, cache-iad-kjyo7100144-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 26 Dec 2023 21:32:39 GMT
server
nginx
surrogate-reporting
width=760,height=380,bytes=21350,owidth=760,oheight=480,obytes=35689,ef=(1,13,17,23,30)
x-timer
S1704418111.116042,VS0,VE560
etag
"85a3327032cc09900f08fe340b12565d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 0, 0
web1_2019-Hawaii-police-car-cropped.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_2019-Hawaii-police-car-cropped.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a9acc4a36b345253c9f8dbf26d4e0094beb775176480b63ebeeadba1c1f9d3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
28
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_2019-Hawaii-police-car-cropped.jpg
age
203924
edge-cache-tag
526610797206543403156506429690488918408,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
526610797206543403156506429690488918408,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
597
req-referer
https://www.staradvertiser.com/
content-length
39342
x-request-id
292d65f95a1c2cd8aee92567fa2f3ac2
x-served-by
cache-iad-kcgs7200026-IAD, cache-iad-kjyo7100083-IAD, cache-lga21956-LGA, cache-iad-kjyo7100117-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 02 Jan 2024 16:48:28 GMT
server
nginx
surrogate-reporting
width=720,height=360,bytes=27936,owidth=720,oheight=480,obytes=48309,ef=(1,13,17,23,30)
x-timer
S1704418111.128526,VS0,VE28
etag
"0ee115a819b03a8a652193a6e718dfa6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 16, 0
collect
v.clarity.ms/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 05 Jan 2024 01:28:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
web1_SPT-uh-af-3359.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_SPT-uh-af-3359.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
40d560c34325d7512ed96d5bd7216d0cf760c7be324431153500c9bf58276426

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
27
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_SPT-uh-af-3359.jpg
age
140194
edge-cache-tag
302978369652289883091900341204389831762,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
302978369652289883091900341204389831762,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
256
req-referer
https://www.staradvertiser.com/
content-length
20408
x-request-id
55ccb63c87e37631198933ba5c716833
x-served-by
cache-iad-kjyo7100167-IAD, cache-iad-kjyo7100070-IAD, cache-lga21966-LGA, cache-iad-kjyo7100129-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 03 Jan 2024 10:21:05 GMT
server
nginx
surrogate-reporting
width=760,height=380,bytes=35767,owidth=760,oheight=529,obytes=47401,ef=(1,13,17,23,30)
x-timer
S1704418111.128467,VS0,VE27
etag
"dffd018ddf055a0a51cb3085a91a8127"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 7, 0
3dbeb7d7-a168-44e1-8d24-e7e9cf5bdb85__fofDlT8r.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/3dbeb7d7-a168-44e1-8d24-e7e9cf5bdb85__fofDlT8r.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
874003c0763583cb8388e4f2979a7d1b26edd3d66bfa7d1565a319274c947680

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/3dbeb7d7-a168-44e1-8d24-e7e9cf5bdb85__fofDlT8r.jpg
age
978407
edge-cache-tag
429502360380040084550538264685084002566,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
429502360380040084550538264685084002566,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
274
req-referer
https://www.gobankingrates.com/
content-length
27372
x-request-id
d457eaeaff38cfcb3e360d932ad37aaf
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kiad7000037-IAD, cache-lga21976-LGA, cache-iad-kjyo7100049-IAD, cache-mia-kmia1760087-MIA
last-modified
Sun, 24 Dec 2023 17:41:44 GMT
server
nginx
surrogate-reporting
width=1344,height=746,bytes=91558,owidth=1344,oheight=768,obytes=81998,ef=(1,13,17,23,30)
x-timer
S1704418111.136809,VS0,VE1
etag
"009810323a346dabee6ebc562a1d47dd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 1
rxaopuywd9nmbvpv3wpn.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702688418/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702688418/rxaopuywd9nmbvpv3wpn.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d9a2077c74530c11a701de2b7637691f24b06c67638a29944b67a0205e859475

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702688418/rxaopuywd9nmbvpv3wpn.jpg
age
1729670
edge-cache-tag
551250791673032898452963158137280138864,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
551250791673032898452963158137280138864,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
246
req-referer
https://www.eonline.com/
content-length
39214
x-request-id
8bf1f7aae9af816ef400ea8a9384e94e
x-served-by
cache-iad-kjyo7100110-IAD, cache-iad-kiad7000125-IAD, cache-lax-kwhp1940035-LAX, cache-iad-kjyo7100108-IAD, cache-mia-kmia1760087-MIA
last-modified
Sat, 16 Dec 2023 01:00:41 GMT
server
nginx
surrogate-reporting
width=800,height=444,bytes=37847,owidth=800,oheight=450,obytes=35976,ef=(1,13,17,23,30)
x-timer
S1704418111.155833,VS0,VE0
etag
"6d76847306e5f4edd0e1f3ff00000870"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 37, 2
web1_14530505-53ce4c6bbd4b4834a48ea11c9d1705c9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_14530505-53ce4c6bbd4b4834a48ea11c9d1705c9.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7183835dcf312b08d1e179a329650b3171611cf3f020abae21ae9fd9291f33b8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
26
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_14530505-53ce4c6bbd4b4834a48ea11c9d1705c9.jpg
age
521415
edge-cache-tag
343203494504510682910969195191798542471,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
343203494504510682910969195191798542471,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
354
req-referer
https://www.staradvertiser.com/
content-length
27672
x-request-id
8f82c1c758fa0752699aa196e744ebfb
x-served-by
cache-iad-kjyo7100117-IAD, cache-iad-kiad7000058-IAD, cache-lga21963-LGA, cache-iad-kiad7000058-IAD, cache-mia-kmia1760087-MIA
last-modified
Sat, 30 Dec 2023 00:38:16 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=47657,owidth=760,oheight=507,obytes=56244,ef=(1,13,17,23,30)
x-timer
S1704418111.156339,VS0,VE26
etag
"55ccece7d7662297cfe4f9938ab35377"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 49, 0
AP24002435528738.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/AP24002435528738.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2fb2594dc882d1b768abb049d139510cbc49909e120ad566f0ad48170b265a8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/AP24002435528738.jpg
age
180076
edge-cache-tag
384683758829418784590909446971469871034,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
384683758829418784590909446971469871034,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
326
req-referer
https://www.staradvertiser.com/
content-length
21224
x-request-id
1fabce1927803f56ebc70c6ced113f86
x-served-by
cache-iad-kcgs7200161-IAD, cache-iad-kcgs7200114-IAD, cache-lga21945-LGA, cache-iad-kiad7000136-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 02 Jan 2024 23:26:51 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=43503,owidth=760,oheight=507,obytes=307491,ef=(1,13,17,23,30)
x-timer
S1704418111.173984,VS0,VE1
etag
"93a25778530f75bbae97707095e335d7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 17, 1
web1_SPT-uh-uci-408.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_SPT-uh-uci-408.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b1d8872f94436193145e8672ee2ffcc9ce622bc226f92300e5da33ff128a1e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
28
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_SPT-uh-uci-408.jpg
age
140404
edge-cache-tag
293429616918938515051118280413705771112,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
293429616918938515051118280413705771112,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
351
req-referer
https://www.staradvertiser.com/
content-length
36382
x-request-id
03a4a2fd26a1cc2f2275edaf8f62ee87
x-served-by
cache-iad-kjyo7100126-IAD, cache-iad-kiad7000033-IAD, cache-lga21925-LGA, cache-iad-kcgs7200072-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 03 Jan 2024 10:24:23 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=54255,owidth=760,oheight=524,obytes=77073,ef=(1,13,17,23,30)
x-timer
S1704418111.192509,VS0,VE28
etag
"bb800ad2d0c983c203428e7af42eeb99"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2, 9, 1
I-WAS._-1987-11-23_497-151-003F.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/I-WAS._-1987-11-23_497-151-003F.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c6a10c3d477fcb788e9e03b79db2bee78b54224f6ec75ddecdb97727df9c0338

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
28
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/I-WAS._-1987-11-23_497-151-003F.jpg
age
1004236
edge-cache-tag
477147625468432718226574409586900239689,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
477147625468432718226574409586900239689,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
550
req-referer
https://www.staradvertiser.com/
content-length
61296
x-request-id
1ae85e78aa25efb408f888990b08e7f7
x-served-by
cache-iad-kcgs7200138-IAD, cache-iad-kiad7000093-IAD, cache-lga21974-LGA, cache-iad-kcgs7200142-IAD, cache-mia-kmia1760087-MIA
last-modified
Sun, 24 Dec 2023 10:23:43 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=61080,owidth=760,oheight=480,obytes=221685,ef=(1,13,17,23,30)
x-timer
S1704418111.195807,VS0,VE28
etag
"8fa1aba301f94e9a7380a7cb084adecd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 29, 1
web1_AP22154422169247.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_AP22154422169247.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2321505c3ded4d5839f88d0652d240ce7a84cfb3d9edf0f2245308614c0431a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
27
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_AP22154422169247.jpg
age
106481
edge-cache-tag
580732444558609509397407283966881427674,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
580732444558609509397407283966881427674,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
522
req-referer
https://www.staradvertiser.com/
content-length
87730
x-request-id
101d6fb22164cdc1b1bef468f97f1e80
x-served-by
cache-iad-kiad7000079-IAD, cache-iad-kjyo7100065-IAD, cache-lax-kwhp1940069-LAX, cache-iad-kjyo7100147-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 03 Jan 2024 19:52:43 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=75337,owidth=760,oheight=507,obytes=87380,ef=(1,13,17,23,30)
x-timer
S1704418111.195782,VS0,VE27
etag
"a9e46c81f1ec5f636af671b2925b2012"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 18, 0
40f989e0c159fdf23b99a68262bba912.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40f989e0c159fdf23b99a68262bba912.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
72d34c54978f207006a2ad6ebc49b37eb70e7626cc42f673cd3363db294365dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40f989e0c159fdf23b99a68262bba912.jpeg
age
2580485
edge-cache-tag
563353420351332842934155591244207327815,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
563353420351332842934155591244207327815,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
231
req-referer
https://www.eonline.com/news/1390908/young-and-the-restless-actor-billy-millers-cause-of-death-revealed
content-length
33298
x-request-id
95d458fe7dbf47a4febf03f7f6ad880e
x-served-by
cache-iad-kcgs7200058-IAD, cache-iad-kcgs7200056-IAD, cache-lga21964-LGA, cache-iad-kiad7000143-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 06 Dec 2023 04:40:27 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=59107,owidth=1000,oheight=600,obytes=130280
x-timer
S1704418111.208083,VS0,VE1
etag
"eeb6b742be1d3576d138dd7164b775f1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 23, 1
af77a45c1acb96d530d950a8fc746591.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af77a45c1acb96d530d950a8fc746591.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ae87fcd040631fed20f37175acc21a37dc4315b4fb65ca0df0b017294010eab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af77a45c1acb96d530d950a8fc746591.png
age
6247477
edge-cache-tag
616798352795341228116901273118547342111,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
616798352795341228116901273118547342111,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
313
expiration
expiry-date="Wed, 06 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wowt.com/
content-length
41882
x-served-by
cache-iad-kcgs7200116-IAD, cache-iad-kjyo7100131-IAD, cache-iad-kcgs7200166-IAD, cache-mia-kmia1760087-MIA
last-modified
Sun, 06 Aug 2023 06:42:44 GMT
server
nginx
x-timer
S1704418111.215699,VS0,VE1
etag
"8b67c5f6e1119fe1ffd6a73c69dcd200"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 267, 1
web1_14527356-c1a2e4af3cb3455e96a04ed0d4ba26eb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_14527356-c1a2e4af3cb3455e96a04ed0d4ba26eb.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1cc87d1cb6af2a80192b4426bc37fd60a07238a8211ecf90356bee8fcc187ba8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
30
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_14527356-c1a2e4af3cb3455e96a04ed0d4ba26eb.jpg
age
644217
edge-cache-tag
562121993273326133836023985418348134986,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
562121993273326133836023985418348134986,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
509
req-referer
https://www.staradvertiser.com/
content-length
66396
x-request-id
c6f4dab1e7ce6e194ac33852bd502823
x-served-by
cache-iad-kcgs7200036-IAD, cache-iad-kcgs7200147-IAD, cache-ewr18172-EWR, cache-iad-kcgs7200075-IAD, cache-mia-kmia1760087-MIA
last-modified
Thu, 28 Dec 2023 14:31:34 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=56155,owidth=760,oheight=427,obytes=63890,ef=(1,13,17,23,30)
x-timer
S1704418111.240302,VS0,VE30
etag
"dd82ec3b90feaef085d3585bf2d87359"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 109, 0
web1_Mollena--1-.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_Mollena--1-.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
20e37e12e4611f478cee696d0cdd0a32bb2ac57ea224e2f6d1398e06f422a400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_Mollena--1-.jpg
age
787864
edge-cache-tag
301400544327420673541649247993901796030,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
301400544327420673541649247993901796030,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
939
req-referer
https://www.staradvertiser.com/
content-length
26470
x-request-id
08d663cf7c95b78e7d51eb614b64397d
x-served-by
cache-iad-kiad7000131-IAD, cache-iad-kcgs7200026-IAD, cache-lax-kwhp1940063-LAX, cache-iad-kjyo7100125-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 26 Dec 2023 22:35:32 GMT
server
nginx
surrogate-reporting
width=750,height=416,bytes=30310,owidth=750,oheight=750,obytes=51350,ef=(1,13,17,23,30)
x-timer
S1704418111.253192,VS0,VE2
etag
"d811d4bdc23fc4f459592f2fa127f0e1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 32, 1
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 06 Jan 2024 01:28:31 GMT
32202822055745462659705d2b64346.47145170playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		307 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/32202822055745462659705d2b64346.47145170playlist.m3u8
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c7f8544a2ec5c47287e9634c4777d8599a2ac0b4e67693aaf57cd28eb690a33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:40:24 GMT
via
1.1 08f45c153a856ff7955174d0e6f60744.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
20888
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
307
last-modified
Thu, 04 Jan 2024 19:25:03 GMT
server
AmazonS3
etag
"04b250460191e390e907f45e9249244b"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
AdN_BXCdes_lpKT-uokdFbpX7tofUpxsSRJKWLWJxesFDq21i54P0Q==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=214055123&version=7.29.3-U&age=240105&cmd=IMA&key=y3roexcY&c_id=13479&seq=1&order=4&vIndex=0&absoluteTime=7542.3&relativeTime=3185.2&EXTREF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&REF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&playerCfg=FL&recoveryMethod=NONE&imaVersion=3.609.1&blocked=false&recovered=false&hasAdParams=true&imaAttempt=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C5136785%2Fhonolulustar-advertiser-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2631244&plcmt=2&vid=3287948&us_privacy=1---&cust_params=sessionKey%3D214055123-YAMFxqR3qCYbUd0e%26schain%3Dstnvideo.com%2CSTN_0001779%26content%3D13512%26placementType%3DPremium%26embed%3Dy3roexcY%26domain%3Dstaradvertiser.com%26player_size%3Dsmall%26player_width%3D300%26player_height%3D169%26player_type%3Dfloat%26smartmatch%3Dno%26version%3D7.29.3-U%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00392%26rand%3D2%26uhr%3D15%26us_privacy%3D1---%26keywchk%3Dok
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ab409174b8e147272d2465e0665a4a454bb8d4e8b6b3fb64a6d0f3eb72bdcc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1060
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-137034616-28&cid=495654607.1704418108&jid=957412522&gjid=501247779&_gid=1065753684.1704418108&_u=aDDAAUABAAAAACAAI~&z=1378253805
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 05 Jan 2024 01:28:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16272709-1&cid=495654607.1704418108&jid=23074486&_u=YADAAEAAAAAAACAAI~&z=2062327402
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 0C9E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:31 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
envelope
lexicon.33across.com/v1/ 		42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrPUnAAM&gdpr=0&src=pbjs&ver=7.42.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:30 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
prebid
id5-sync.com/api/config/ 		135 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
9122d35ca0b1532a344f0801f9004b862de73fe3ec70d6eb04a345cc02e8e2a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		75 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=17248
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.193.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-193-20.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
dd0f92add06ef2856ff0e4e8c41f38aca95a9f00cac3e770bd2f1effe8ba6bc8

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
x-server
10.40.8.123
access-control-allow-credentials
true
content-length
75
expires
0
rid
match.adsrvr.org/track/ 		108 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
c90cb46d6459b01ab561c8ee788e7bdb5b872298455ebd0f6a4e29271d0ffbfc

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 04 Feb 2024 01:28:31 GMT
envelope
api.rlcdn.com/api/identity/ 		0
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/unruly/ Frame 0C40
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=b9e8126a-a546-48ae-9dc7-dd9b2e497b11&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator&zcc=1&cb=1704418111816
  • https://ad.turn.com/r/cs?pid=45&rndcb=7687198132
  • https://sync.1rx.io/usersync/turn/7898252983751812422?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2FsyncPage%2Funruly%3Fuid%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
  • https://ex.ingage.tech/v1/syncPage/unruly?uid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
  • https://ex.ingage.tech/v1/sync/unruly/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/unruly/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
8407f1f7daebdb05-MIA
date
Fri, 05 Jan 2024 01:28:33 GMT
server
cloudflare
vary
Origin

Redirect headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
8407f1f7399cdb05-MIA
content-length
0
date
Fri, 05 Jan 2024 01:28:33 GMT
location
/v1/sync/unruly/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
server
cloudflare
vary
Origin
/
de.tynt.com/deb/ Frame AE0A
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
4bf731601c2eb22358ec29bbceb54f60d332d912c76c0efb8022255ba5adaaeb

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1403
content-type
text/html
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
sync-iframe
cs-server-s2s.yellowblue.io/ Frame F81B 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
4038be920cab9a1782bc4ad34df7a2d2ff81abfb87b894f8d46c4a96f9431955

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.staradvertiser.com/
content-type
text/html
date
Fri, 05 Jan 2024 01:28:31 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/openx/ Frame 63B5
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=b355ce4f-581b-4a1c-8c84-81fe81e4bc39&r=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fopenx%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
  • https://ex.ingage.tech/v1/sync/openx/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=45e60238-042b-420a-af51-f1abce306690
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/openx/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=45e60238-042b-420a-af51-f1abce306690
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
8407f1ec3c52db05-MIA
date
Fri, 05 Jan 2024 01:28:31 GMT
server
cloudflare
vary
Origin

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Fri, 05 Jan 2024 01:28:31 GMT
location
https://ex.ingage.tech/v1/sync/openx/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=45e60238-042b-420a-af51-f1abce306690
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cs.html
cs.seedtag.com/ Frame ABC5 		51 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac2397fbe331fb7cc8c5325752c4af7d6c5cb9204a1f810b89fc93c372cbdd37

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
387
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
8407f1ef1bae0996-MIA
content-encoding
br
content-type
text/html
date
Fri, 05 Jan 2024 01:28:31 GMT
etag
W/"e1932830098c932fee98b7cc79857ecc"
expires
Sat, 06 Jan 2024 01:28:31 GMT
last-modified
Wed, 13 Dec 2023 15:57:21 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1702483041418398
x-goog-hash
crc32c=eQLC6w== md5=4ZMoMAmMky/umLfMeYV+zA==
x-goog-metageneration
2
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
15379
x-guploader-uploadid
ABPtcPqQUW9Ut1klZTvWkW2Q_7IAcAjCdJeP_ckmbF8EwQ_u4Ys9aMqWSOAq57wDGm-dA-ar934GwL-8PQ
/
de.tynt.com/deb/ Frame CDB8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
4bf731601c2eb22358ec29bbceb54f60d332d912c76c0efb8022255ba5adaaeb

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1403
content-type
text/html
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/sharethrough/ Frame 7269
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/sharethrough?userId=b9e8126a-a546-48ae-9dc7-dd9b2e497b11&to=https%3A%2F%2Fmatch.sharethrough.com%2Funiversal%2Fv1%3Fsupply_id%3Djc3Tkmr6
  • https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6
  • https://ex.ingage.tech/v1/syncPage/sharethrough?uid=c73598e4-19af-4225-ad41-0db5af961cdf
  • https://ex.ingage.tech/v1/sync/sharethrough/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=c73598e4-19af-4225-ad41-0db5af961cdf
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/sharethrough/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=c73598e4-19af-4225-ad41-0db5af961cdf
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
8407f1f01b7ddb05-MIA
date
Fri, 05 Jan 2024 01:28:32 GMT
server
cloudflare
vary
Origin

Redirect headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
8407f1efaab6db05-MIA
content-length
0
date
Fri, 05 Jan 2024 01:28:31 GMT
location
/v1/sync/sharethrough/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=c73598e4-19af-4225-ad41-0db5af961cdf
server
cloudflare
vary
Origin
rubicon
ex.ingage.tech/v1/syncPage/ Frame 0868 		951 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=b9e8126a-a546-48ae-9dc7-dd9b2e497b11&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
8407f1ebebc6db05-MIA
content-encoding
gzip
content-type
text/html
date
Fri, 05 Jan 2024 01:28:31 GMT
server
cloudflare
vary
Origin
/
ssc-cms.33across.com/ps/ Frame C791 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=ap8uL8Rtmr6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP015 /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
server
33XP015
x-33x-status
2000208
async_usersync.html
acdn.adnxs.com/dmp/ Frame 012D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
72144
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 05 Jan 2024 01:28:31 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 24 Dec 2023 05:31:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
360, 174533
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760033-MIA
X-Timer
S1704418111.431681,VS0,VE0
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/loopme/ Frame 7802
Redirect Chain
  • https://csync.loopme.me/?pubid=11530&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Floopme%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D%7Bviewer_token%7D
  • https://ex.ingage.tech/v1/sync/loopme/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=d08b0939-e7dd-47e1-a1ce-13919d351d77
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/loopme/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=d08b0939-e7dd-47e1-a1ce-13919d351d77
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
8407f1f00b72db05-MIA
date
Fri, 05 Jan 2024 01:28:32 GMT
server
cloudflare
vary
Origin

Redirect headers

content-length
0
date
Fri, 05 Jan 2024 01:28:31 GMT
location
https://ex.ingage.tech/v1/sync/loopme/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=d08b0939-e7dd-47e1-a1ce-13919d351d77
server
_
isyn
prebid.a-mo.net/ Frame B7FB 		2 KB
723 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CtABShZ3d3cuc3RhcmFkdmVydGlzZXIuY29tUgthYXMtNjQ1NzE1N1oIcGJhMS4zLjJqFnd3dy5zdGFyYWR2ZXJ0aXNlci5jb236AQY3LjQyLjDoAgGIA7q23awGqAM66gMkNTk5MjZhNGEtNDI3Ni00MjJhLWE4NGUtMzYwMjUwODQ1ZjliqgQDRENIsgUDVVNE0gUJMTA1MTk5Mzg42AUB4AUB6gUHZGVza3RvcPoFA255NaoHA3dlYsoHEnN0YXJhZHZlcnRpc2VyLmNvbeAHAQ
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
53d479caefed709cfad8bad82772e42a205fdc70270b432a04f6014815668daa

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
634
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:30 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
ixmatch.html
js-sec.indexww.com/um/ Frame E035 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
909
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8407f1ebfbf28bff-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
Fri, 05 Jan 2024 05:28:31 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
0
prebid.a-mo.net/cchain/ Frame D9E5 		2 KB
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
53d479caefed709cfad8bad82772e42a205fdc70270b432a04f6014815668daa

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
634
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:30 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
pd
us-u.openx.net/w/1.0/ Frame D939 		880 B
843 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
334ee0fabc7c117fdb54cce96ab1e0683fc5857268ff6d82013a26ea2595620e

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
548
content-type
text/html
date
Fri, 05 Jan 2024 01:28:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ps
ssc-cms.33across.com/ Frame 4D37 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D33XUSERID33X
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP016 /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
server
33XP016
x-33x-status
2000208
usync.html
eus.rubiconproject.com/ Frame 54D8 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:31 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3ADB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71429
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/sonobi/ Frame D29D
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsonobi%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
  • https://ex.ingage.tech/v1/sync/sonobi/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=770043a8-af77-46db-9a99-c38ce904d888
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/sonobi/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=770043a8-af77-46db-9a99-c38ce904d888
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
8407f1eeb8a1db05-MIA
date
Fri, 05 Jan 2024 01:28:31 GMT
server
cloudflare
vary
Origin

Redirect headers

cache-control
no-cache, no-store, private
content-length
0
content-type
text/plain; charset=utf8
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://ex.ingage.tech/v1/sync/sonobi/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=770043a8-af77-46db-9a99-c38ce904d888
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-180
x-xss-protection
0
/
de.tynt.com/deb/ Frame A7BA
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
4bf731601c2eb22358ec29bbceb54f60d332d912c76c0efb8022255ba5adaaeb

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1403
content-type
text/html
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/colossus/ Frame 7E92
Redirect Chain
  • https://sync.colossusssp.com/dfbcab6866523fad621f413a5998f670.gif?puid=638&redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fcolossus%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D%5BUID%5D
  • https://ex.ingage.tech/v1/sync/colossus/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=1e2c6b9b-b313-4977-8d47-506b6f116205
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/colossus/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=1e2c6b9b-b313-4977-8d47-506b6f116205
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
8407f1ef5a2ddb05-MIA
date
Fri, 05 Jan 2024 01:28:31 GMT
server
cloudflare
vary
Origin

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 05 Jan 2024 01:28:31 GMT
Expires
0
Location
https://ex.ingage.tech/v1/sync/colossus/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=1e2c6b9b-b313-4977-8d47-506b6f116205
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usermatch
ssum-sec.casalemedia.com/ Frame 39BB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
2 KB
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73fc8b08e26f9c76288a7df30b72e18ae805feaf1bbc0e90a021a9ee8146d4d3

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8407f1ecb9fbdb09-MIA
content-encoding
br
content-type
text/html
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzQdtYRlcFrOjm%2F5S7hEo%2F3FPVuRuF%2BXFL%2BjY11m10rVyRsIO8P1dX%2B95KdiTkClHxOwhfZ8EHysY7uW2Kp4VZWRSS%2FV1sixlbJ3Ra3tRO31YQMfBoEb1xleCAqM4%2FHQzSuuc93A61BtLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8407f1ec28d3db09-MIA
content-length
0
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OB3KDAAQu7Q9VvECCFWcgSaK9GuCuZ1lUPvSm1cGyCAiFFqkByuNEOMbzkqsAxDvFEPPgrxQeW%2FuHRjqIeq2MOimKjZap28eqBP6sC00VdWPfs3Q1XZL1%2BPkqY1cb%2BApAyYk%2B2a4vvqkBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/sovrn/ Frame F753
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D%24UID
  • https://ex.ingage.tech/v1/sync/sovrn/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=H8B4hBZHEQ_m7NwFTi24NL7-
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/sovrn/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=H8B4hBZHEQ_m7NwFTi24NL7-
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6/44ae1bc9-39ac-40a1-9587-732e6779e89f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
8407f1ec9ce0db05-MIA
date
Fri, 05 Jan 2024 01:28:31 GMT
server
cloudflare
vary
Origin

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Fri, 05 Jan 2024 01:28:31 GMT
Location
https://ex.ingage.tech/v1/sync/sovrn/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=H8B4hBZHEQ_m7NwFTi24NL7-
X-Sovrn-Pod
ad_ap1dca1
gtm.js
www.googletagmanager.com/ 		137 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc14a42fc3dcdc24b56289a3d40205874f08958e49ecc96deb22e3828c5378b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53274
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Jan 2024 01:28:31 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 0EEE 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.payvibe.com/
Origin
https://travel.payvibe.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jan 2025 00:44:06 GMT
truncated
/ Frame F936 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72c122620b15451a00824678bd71afa67ed964e294fbc454a2b93bcfa447daee

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame F936 		0
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=426461
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYE1IrdWHygR6T%2Fg%2BM8PIvA3UM59bzQyJWlpBIoSzl1uw%2Bjo%2Fflp8GIveh3Tn%2FTtkWiVVgirU3PzVjWdkxMKs%2BEeIrlcAlAg8w57jigFwtgcfR%2FAHJz%2FJIRsqh233ZT0otZTyX2Vjn5m%2F5RwdkJPTRywzg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
8407f1ef192f0979-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
F6dPPgxK1-JjyUAQW0aC
hadron.json
id.hadron.ad.gt/v1/ 		103 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=251&sync=1&domain=www.staradvertiser.com&url=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b33513cbdfdddad5bae74f5ba3bdaaed763339ae234a6c153203368bc8d11db

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
8407f1f04a872245-MIA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=251&sync=1&domain=www.staradvertiser.com&url=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8407f1efa9872245-MIA
content-length
0
content-type
application/json
date
Fri, 05 Jan 2024 01:28:31 GMT
debug
OPTIONS block
expires
Sat, 04 Jan 2025 01:28:31 GMT
server
cloudflare
32202822055745462659705d2b64346.47145170.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		409 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/32202822055745462659705d2b64346.47145170.m3u8
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0da2ffd388482a0d1c0df6a94df4789f161e0ea67e45d3241c0bb85fab8d4567

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:40:26 GMT
via
1.1 08f45c153a856ff7955174d0e6f60744.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
20886
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
409
last-modified
Thu, 04 Jan 2024 19:25:03 GMT
server
AmazonS3
etag
"81a03191467082a3268286e97a83735c"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
gFykNEPOQ17g8BPOe6piO60XFN4Phkr3irn6NYjkdEU1AjdxoZIHiA==
40f989e0c159fdf23b99a68262bba912.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40f989e0c159fdf23b99a68262bba912.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
699baa2937619c2d707b5f96d43ddcabe4dec250144f56ee9680b79a59efd1fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40f989e0c159fdf23b99a68262bba912.jpeg
age
2552127
edge-cache-tag
563353420351332842934155591244207327815,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
563353420351332842934155591244207327815,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
242
req-referer
https://www.msnbc.com/
content-length
30898
x-request-id
f337d75d23ba36870daf29b10fb1f60a
x-served-by
cache-iad-kcgs7200024-IAD, cache-iad-kjyo7100166-IAD, cache-lga21920-LGA, cache-iad-kjyo7100138-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 06 Dec 2023 04:40:27 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=55178,owidth=1000,oheight=600,obytes=130280
x-timer
S1704418112.880018,VS0,VE0
etag
"28a8e7ee634d18c62ad8703018b5007c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 74, 3
5593b8acb6d29c5d5a032a8def958e59.webp
images.taboola.com/taboola/image/fetch/$pw_460%2C$ph_256/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/$pw_460%2C$ph_256/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/5593b8acb6d29c5d5a032a8def958e59.webp
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
da60b8624ed3187fd7bb43353bd93cf0f90fc106b077c2174f26f9c4c2495cdb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/$pw_460%2C$ph_256/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/5593b8acb6d29c5d5a032a8def958e59.webp
x-amz-cf-pop
JFK52-P5
age
787027
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT, HIT
x-envoy-upstream-service-time
64
req-referer
https://www.kens5.com/
content-length
12852
x-served-by
cache-iad-kcgs7200052-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 26 Dec 2023 16:37:48 GMT
server
nginx
x-timer
S1704418112.879974,VS0,VE0
etag
"7d02393edf7dc15253b1e34af3acaa44"
vary
ImageFormat
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
x-ratelimit-remaining
100
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
x-amz-cf-id
8Y0jPn9tn4mlPTCT3XTRR04tj-GPeJ4LP-ZhAGVz4gs0uQtKv-7GJA==
x-cache-hits
5, 2
5ef896f542dc7c279aaca6d82c3db8c8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5ef896f542dc7c279aaca6d82c3db8c8.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0299f98d3a69e6794b0be9c4ca011a0b964ebb07df4e40592accf006406a85a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5ef896f542dc7c279aaca6d82c3db8c8.png
age
4181178
edge-cache-tag
446288313853771791717899103975929058383,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
446288313853771791717899103975929058383,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
126
expiration
expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wordstrivia.com/
content-length
28574
x-served-by
cache-iad-kcgs7200100-IAD, cache-iad-kjyo7100048-IAD, cache-iad-kcgs7200057-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 20 Sep 2023 21:32:56 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=33623,owidth=2414,oheight=1476,obytes=4726308
x-timer
S1704418112.879907,VS0,VE0
etag
"c4267ca38fc35fc320fd846b6620e13e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 18804, 2
web1_CTY-pearlridge-shooting-7861.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-pearlridge-shooting-7861.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d2645456cb5c5ea8a32c52d8b2a2313d2b32656d99d2583551fd6386ad652e6c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-pearlridge-shooting-7861.jpg
age
1087281
edge-cache-tag
527355566972437210843519394552400703906,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
527355566972437210843519394552400703906,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
513
req-referer
https://www.staradvertiser.com/
content-length
84058
x-request-id
09be9c43cf7283ba325c6c86f52f9731
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kjyo7100147-IAD, cache-lga21943-LGA, cache-iad-kiad7000167-IAD, cache-mia-kmia1760087-MIA
last-modified
Sat, 23 Dec 2023 11:03:26 GMT
server
nginx
surrogate-reporting
width=760,height=380,bytes=53443,owidth=760,oheight=482,obytes=72965,ef=(1,13,17,23,30)
x-timer
S1704418112.879889,VS0,VE0
etag
"9b315389291b9ace80db142cc4bebdfb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 51, 1
web1_CTY-Souki-Presser-179.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-Souki-Presser-179.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dd68d9f527d4ecda69f14611874f498dfe40b7fac3b1cd198bfbda76dcd432cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_CTY-Souki-Presser-179.jpg
age
570109
edge-cache-tag
552325519215372412059103937027714375383,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
552325519215372412059103937027714375383,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
541
req-referer
https://www.staradvertiser.com/
content-length
32080
x-request-id
414285a4ba81ec86d0d030ed69ae25d4
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kjyo7100030-IAD, cache-lga21952-LGA, cache-iad-kiad7000057-IAD, cache-mia-kmia1760087-MIA
last-modified
Fri, 29 Dec 2023 10:56:12 GMT
server
nginx
surrogate-reporting
width=760,height=380,bytes=23885,owidth=760,oheight=509,obytes=35969,ef=(1,13,17,23,30)
x-timer
S1704418112.879895,VS0,VE0
etag
"617fbf393c2947f60d9516cdb2673fc0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 18, 1
3dbeb7d7-a168-44e1-8d24-e7e9cf5bdb85__fofDlT8r.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/3dbeb7d7-a168-44e1-8d24-e7e9cf5bdb85__fofDlT8r.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
874003c0763583cb8388e4f2979a7d1b26edd3d66bfa7d1565a319274c947680

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/3dbeb7d7-a168-44e1-8d24-e7e9cf5bdb85__fofDlT8r.jpg
age
978408
edge-cache-tag
429502360380040084550538264685084002566,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
429502360380040084550538264685084002566,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
274
req-referer
https://www.gobankingrates.com/
content-length
27372
x-request-id
d457eaeaff38cfcb3e360d932ad37aaf
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kiad7000037-IAD, cache-lga21976-LGA, cache-iad-kjyo7100049-IAD, cache-mia-kmia1760087-MIA
last-modified
Sun, 24 Dec 2023 17:41:44 GMT
server
nginx
surrogate-reporting
width=1344,height=746,bytes=91558,owidth=1344,oheight=768,obytes=81998,ef=(1,13,17,23,30)
x-timer
S1704418112.879856,VS0,VE0
etag
"009810323a346dabee6ebc562a1d47dd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 2
web1_2019-Hawaii-police-car-cropped.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_2019-Hawaii-police-car-cropped.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a9acc4a36b345253c9f8dbf26d4e0094beb775176480b63ebeeadba1c1f9d3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_2019-Hawaii-police-car-cropped.jpg
age
203925
edge-cache-tag
526610797206543403156506429690488918408,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
526610797206543403156506429690488918408,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
597
req-referer
https://www.staradvertiser.com/
content-length
39342
x-request-id
292d65f95a1c2cd8aee92567fa2f3ac2
x-served-by
cache-iad-kcgs7200026-IAD, cache-iad-kjyo7100083-IAD, cache-lga21956-LGA, cache-iad-kjyo7100117-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 02 Jan 2024 16:48:28 GMT
server
nginx
surrogate-reporting
width=720,height=360,bytes=27936,owidth=720,oheight=480,obytes=48309,ef=(1,13,17,23,30)
x-timer
S1704418112.944848,VS0,VE0
etag
"0ee115a819b03a8a652193a6e718dfa6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 16, 1
web1_SPT-uh-af-3359.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_SPT-uh-af-3359.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
40d560c34325d7512ed96d5bd7216d0cf760c7be324431153500c9bf58276426

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_SPT-uh-af-3359.jpg
age
140195
edge-cache-tag
302978369652289883091900341204389831762,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
302978369652289883091900341204389831762,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
256
req-referer
https://www.staradvertiser.com/
content-length
20408
x-request-id
55ccb63c87e37631198933ba5c716833
x-served-by
cache-iad-kjyo7100167-IAD, cache-iad-kjyo7100070-IAD, cache-lga21966-LGA, cache-iad-kjyo7100129-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 03 Jan 2024 10:21:05 GMT
server
nginx
surrogate-reporting
width=760,height=380,bytes=35767,owidth=760,oheight=529,obytes=47401,ef=(1,13,17,23,30)
x-timer
S1704418112.951126,VS0,VE0
etag
"dffd018ddf055a0a51cb3085a91a8127"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 7, 1
rxaopuywd9nmbvpv3wpn.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702688418/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702688418/rxaopuywd9nmbvpv3wpn.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d9a2077c74530c11a701de2b7637691f24b06c67638a29944b67a0205e859475

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1702688418/rxaopuywd9nmbvpv3wpn.jpg
age
1729671
edge-cache-tag
551250791673032898452963158137280138864,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
551250791673032898452963158137280138864,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
246
req-referer
https://www.eonline.com/
content-length
39214
x-request-id
8bf1f7aae9af816ef400ea8a9384e94e
x-served-by
cache-iad-kjyo7100110-IAD, cache-iad-kiad7000125-IAD, cache-lax-kwhp1940035-LAX, cache-iad-kjyo7100108-IAD, cache-mia-kmia1760087-MIA
last-modified
Sat, 16 Dec 2023 01:00:41 GMT
server
nginx
surrogate-reporting
width=800,height=444,bytes=37847,owidth=800,oheight=450,obytes=35976,ef=(1,13,17,23,30)
x-timer
S1704418112.951245,VS0,VE0
etag
"6d76847306e5f4edd0e1f3ff00000870"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 37, 3
web1_14530505-53ce4c6bbd4b4834a48ea11c9d1705c9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_14530505-53ce4c6bbd4b4834a48ea11c9d1705c9.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7183835dcf312b08d1e179a329650b3171611cf3f020abae21ae9fd9291f33b8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_14530505-53ce4c6bbd4b4834a48ea11c9d1705c9.jpg
age
521416
edge-cache-tag
343203494504510682910969195191798542471,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
343203494504510682910969195191798542471,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
354
req-referer
https://www.staradvertiser.com/
content-length
27672
x-request-id
8f82c1c758fa0752699aa196e744ebfb
x-served-by
cache-iad-kjyo7100117-IAD, cache-iad-kiad7000058-IAD, cache-lga21963-LGA, cache-iad-kiad7000058-IAD, cache-mia-kmia1760087-MIA
last-modified
Sat, 30 Dec 2023 00:38:16 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=47657,owidth=760,oheight=507,obytes=56244,ef=(1,13,17,23,30)
x-timer
S1704418112.957927,VS0,VE0
etag
"55ccece7d7662297cfe4f9938ab35377"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 49, 1
AP24002435528738.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/AP24002435528738.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2fb2594dc882d1b768abb049d139510cbc49909e120ad566f0ad48170b265a8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/AP24002435528738.jpg
age
180077
edge-cache-tag
384683758829418784590909446971469871034,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
384683758829418784590909446971469871034,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
326
req-referer
https://www.staradvertiser.com/
content-length
21224
x-request-id
1fabce1927803f56ebc70c6ced113f86
x-served-by
cache-iad-kcgs7200161-IAD, cache-iad-kcgs7200114-IAD, cache-lga21945-LGA, cache-iad-kiad7000136-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 02 Jan 2024 23:26:51 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=43503,owidth=760,oheight=507,obytes=307491,ef=(1,13,17,23,30)
x-timer
S1704418112.958392,VS0,VE0
etag
"93a25778530f75bbae97707095e335d7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 17, 2
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
3374
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 05 Jan 2024 01:32:17 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
25
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 05 Jan 2024 02:28:06 GMT
40f989e0c159fdf23b99a68262bba912.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40f989e0c159fdf23b99a68262bba912.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
72d34c54978f207006a2ad6ebc49b37eb70e7626cc42f673cd3363db294365dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40f989e0c159fdf23b99a68262bba912.jpeg
age
2580486
edge-cache-tag
563353420351332842934155591244207327815,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
563353420351332842934155591244207327815,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
231
req-referer
https://www.eonline.com/news/1390908/young-and-the-restless-actor-billy-millers-cause-of-death-revealed
content-length
33298
x-request-id
95d458fe7dbf47a4febf03f7f6ad880e
x-served-by
cache-iad-kcgs7200058-IAD, cache-iad-kcgs7200056-IAD, cache-lga21964-LGA, cache-iad-kiad7000143-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 06 Dec 2023 04:40:27 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=59107,owidth=1000,oheight=600,obytes=130280
x-timer
S1704418112.959164,VS0,VE0
etag
"eeb6b742be1d3576d138dd7164b775f1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 23, 2
af77a45c1acb96d530d950a8fc746591.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af77a45c1acb96d530d950a8fc746591.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ae87fcd040631fed20f37175acc21a37dc4315b4fb65ca0df0b017294010eab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af77a45c1acb96d530d950a8fc746591.png
age
6247478
edge-cache-tag
616798352795341228116901273118547342111,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
616798352795341228116901273118547342111,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
313
expiration
expiry-date="Wed, 06 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wowt.com/
content-length
41882
x-served-by
cache-iad-kcgs7200116-IAD, cache-iad-kjyo7100131-IAD, cache-iad-kcgs7200166-IAD, cache-mia-kmia1760087-MIA
last-modified
Sun, 06 Aug 2023 06:42:44 GMT
server
nginx
x-timer
S1704418112.974746,VS0,VE0
etag
"8b67c5f6e1119fe1ffd6a73c69dcd200"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 267, 2
web1_SPT-uh-uci-408.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_SPT-uh-uci-408.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b1d8872f94436193145e8672ee2ffcc9ce622bc226f92300e5da33ff128a1e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_SPT-uh-uci-408.jpg
age
140405
edge-cache-tag
293429616918938515051118280413705771112,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
293429616918938515051118280413705771112,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
351
req-referer
https://www.staradvertiser.com/
content-length
36382
x-request-id
03a4a2fd26a1cc2f2275edaf8f62ee87
x-served-by
cache-iad-kjyo7100126-IAD, cache-iad-kiad7000033-IAD, cache-lga21925-LGA, cache-iad-kcgs7200072-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 03 Jan 2024 10:24:23 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=54255,owidth=760,oheight=524,obytes=77073,ef=(1,13,17,23,30)
x-timer
S1704418112.989132,VS0,VE0
etag
"bb800ad2d0c983c203428e7af42eeb99"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2, 9, 2
I-WAS._-1987-11-23_497-151-003F.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/I-WAS._-1987-11-23_497-151-003F.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c6a10c3d477fcb788e9e03b79db2bee78b54224f6ec75ddecdb97727df9c0338

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/I-WAS._-1987-11-23_497-151-003F.jpg
age
1004237
edge-cache-tag
477147625468432718226574409586900239689,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
477147625468432718226574409586900239689,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
550
req-referer
https://www.staradvertiser.com/
content-length
61296
x-request-id
1ae85e78aa25efb408f888990b08e7f7
x-served-by
cache-iad-kcgs7200138-IAD, cache-iad-kiad7000093-IAD, cache-lga21974-LGA, cache-iad-kcgs7200142-IAD, cache-mia-kmia1760087-MIA
last-modified
Sun, 24 Dec 2023 10:23:43 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=61080,owidth=760,oheight=480,obytes=221685,ef=(1,13,17,23,30)
x-timer
S1704418112.999770,VS0,VE0
etag
"8fa1aba301f94e9a7380a7cb084adecd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 29, 2
web1_AP22154422169247.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_AP22154422169247.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2321505c3ded4d5839f88d0652d240ce7a84cfb3d9edf0f2245308614c0431a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2024/01/web1_AP22154422169247.jpg
age
106482
edge-cache-tag
580732444558609509397407283966881427674,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
580732444558609509397407283966881427674,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
522
req-referer
https://www.staradvertiser.com/
content-length
87730
x-request-id
101d6fb22164cdc1b1bef468f97f1e80
x-served-by
cache-iad-kiad7000079-IAD, cache-iad-kjyo7100065-IAD, cache-lax-kwhp1940069-LAX, cache-iad-kjyo7100147-IAD, cache-mia-kmia1760087-MIA
last-modified
Wed, 03 Jan 2024 19:52:43 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=75337,owidth=760,oheight=507,obytes=87380,ef=(1,13,17,23,30)
x-timer
S1704418112.999885,VS0,VE0
etag
"a9e46c81f1ec5f636af671b2925b2012"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 18, 1
web1_Mollena--1-.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_Mollena--1-.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
20e37e12e4611f478cee696d0cdd0a32bb2ac57ea224e2f6d1398e06f422a400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_Mollena--1-.jpg
age
787865
edge-cache-tag
301400544327420673541649247993901796030,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
301400544327420673541649247993901796030,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
939
req-referer
https://www.staradvertiser.com/
content-length
26470
x-request-id
08d663cf7c95b78e7d51eb614b64397d
x-served-by
cache-iad-kiad7000131-IAD, cache-iad-kcgs7200026-IAD, cache-lax-kwhp1940063-LAX, cache-iad-kjyo7100125-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 26 Dec 2023 22:35:32 GMT
server
nginx
surrogate-reporting
width=750,height=416,bytes=30310,owidth=750,oheight=750,obytes=51350,ef=(1,13,17,23,30)
x-timer
S1704418112.999863,VS0,VE0
etag
"d811d4bdc23fc4f459592f2fa127f0e1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 32, 2
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0EBA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71429
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:31 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
product.instiengage.com/ceu-code/ Frame 0927 		370 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2009:6c00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
611c88820bde9b7a0c0f4f41723a325b902dd76ab2076a0ad150eb8c6a06b9ff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
AK8TEMmxgWc8Xwwnt6I8n1LrRr6OpPOL
content-encoding
br
via
1.1 6558ca49ea7de7f93b4e2fdd32251fce.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 01:27:08 GMT
last-modified
Thu, 04 Jan 2024 04:52:42 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C2
age
84
x-amz-server-side-encryption
AES256
etag
W/"9e9f9405762b8534c3731671d35fbdc7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600,public
x-amz-cf-id
OpC4BSoAYSuT27ftUYn2NYwkjMUPgLYip7KeYuS_ZLUCrcCYLlqMTw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 2894 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-29-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 05 Jan 2024 01:43:32 GMT
ima.js
cdn-ima.33across.com/ Frame 2894 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
67488
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8407f1efdeda4982-MIA
expires
Mon, 08 Jan 2024 01:28:31 GMT
hadron.js
cdn.hadronid.net/ Frame 2894 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ref=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&_it=amazon&partner_id=694
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:31 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
6561
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8407f1efdad99ae5-MIA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
web1_14527356-c1a2e4af3cb3455e96a04ed0d4ba26eb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_14527356-c1a2e4af3cb3455e96a04ed0d4ba26eb.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1cc87d1cb6af2a80192b4426bc37fd60a07238a8211ecf90356bee8fcc187ba8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_14527356-c1a2e4af3cb3455e96a04ed0d4ba26eb.jpg
age
644218
edge-cache-tag
562121993273326133836023985418348134986,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
562121993273326133836023985418348134986,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
509
req-referer
https://www.staradvertiser.com/
content-length
66396
x-request-id
c6f4dab1e7ce6e194ac33852bd502823
x-served-by
cache-iad-kcgs7200036-IAD, cache-iad-kcgs7200147-IAD, cache-ewr18172-EWR, cache-iad-kcgs7200075-IAD, cache-mia-kmia1760087-MIA
last-modified
Thu, 28 Dec 2023 14:31:34 GMT
server
nginx
surrogate-reporting
width=760,height=422,bytes=56155,owidth=760,oheight=427,obytes=63890,ef=(1,13,17,23,30)
x-timer
S1704418112.999876,VS0,VE0
etag
"dd82ec3b90feaef085d3585bf2d87359"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 109, 1
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame E3AD 		168 B
201 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:05:41 GMT
x-goog-meta-goog-reserved-file-mtime
1700785948
age
1371
x-guploader-uploadid
ABPtcPoOH0vvwA28kJAphvtMQYX0lQsJNXTkQLTfzj8QcYDo__fEPQEDx-HPiAC1WyKbP5RUKUi9lu1CbQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
last-modified
Fri, 24 Nov 2023 00:33:34 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-generation
1700786014725598
content-language
en
access-control-allow-origin
*
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
application/json
expires
Sat, 06 Jan 2024 01:05:41 GMT
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame 238D 		168 B
201 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:05:41 GMT
x-goog-meta-goog-reserved-file-mtime
1700785948
age
1371
x-guploader-uploadid
ABPtcPoOH0vvwA28kJAphvtMQYX0lQsJNXTkQLTfzj8QcYDo__fEPQEDx-HPiAC1WyKbP5RUKUi9lu1CbQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
last-modified
Fri, 24 Nov 2023 00:33:34 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-generation
1700786014725598
content-language
en
access-control-allow-origin
*
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
application/json
expires
Sat, 06 Jan 2024 01:05:41 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:32 GMT
x-amz-request-id
YM4DTV0379RTPDRG
age
223
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
1Z44jl0Vdmsn+djJTix2dCK9QJJhr+yDc72N/xLYl7mu+8pnM/H2XYxxNHcmgp8bnbw8v6vp79M=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1704418112.088080,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
31
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1158
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:32 GMT
x-amz-request-id
AS6TTF5DRSZPKKPE
age
7202
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
ZuPipVwogOT9XanztYjJDY+Vh2/HY8qDZkOe+1PXGoKP3zS7wSV+7M3PXS/WeABO4PzaNI7IZcI=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1704418112.090446,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
52
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
22316
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:32 GMT
x-amz-request-id
XKY2R4MY1MPFBWBY
age
13878
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
wVL5y3sSnV3I0ejly2N8ywYJTdnVvaGMyA/5MvuVp39q8Fk6dGUCj1xZxZuiJhwPQSzAhmE+TFo=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1704418112.090425,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
41
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
33817
web1_20231225-web-halawa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_20231225-web-halawa.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d177fb9d7629d5934c57175f0806c0247153c88279ab8c6868a0afa20f347e88

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 05 Jan 2024 01:28:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.staradvertiser.com/wp-content/uploads/2023/12/web1_20231225-web-halawa.jpg
age
791228
edge-cache-tag
467595658597985235693976725673327835053,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
467595658597985235693976725673327835053,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
522
req-referer
https://www.staradvertiser.com/
content-length
19648
x-request-id
7e532bd054a66e299dfa8f8d8d15884b
x-served-by
cache-iad-kiad7000130-IAD, cache-iad-kiad7000135-IAD, cache-ewr18174-EWR, cache-iad-kjyo7100144-IAD, cache-mia-kmia1760087-MIA
last-modified
Tue, 26 Dec 2023 21:32:39 GMT
server
nginx
surrogate-reporting
width=760,height=380,bytes=21350,owidth=760,oheight=480,obytes=35689,ef=(1,13,17,23,30)
x-timer
S1704418112.110716,VS0,VE0
etag
"85a3327032cc09900f08fe340b12565d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 0, 1
cs
cs.yellowblue.io/ Frame F81B
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=818726b0a3b1b87f81433a2669b2306d&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=818726b0a3b1b87f81433a2669b2306d&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=818726b0a3b1b87f81433a2669b2306d&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1704418113242017-86
cs
cs-server-s2s.yellowblue.io/ Frame F81B
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=770043a8-af77-46db-9a99-c38ce904d888
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=770043a8-af77-46db-9a99-c38ce904d888
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-180
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=770043a8-af77-46db-9a99-c38ce904d888
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame F81B
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=null&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=null&gdpr=0
date
Fri, 05 Jan 2024 01:28:32 GMT
server
_
content-length
0
cs
cs.yellowblue.io/ Frame F81B
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
date
Fri, 05 Jan 2024 01:28:32 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame F81B
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs-server-s2s.yellowblue.io/ Frame F81B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=ae7d6682-9b56-4401-a54f-a73b0c94cdbd
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=ae7d6682-9b56-4401-a54f-a73b0c94cdbd
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Fri, 05 Jan 2024 01:28:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=ae7d6682-9b56-4401-a54f-a73b0c94cdbd
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame F81B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTA4NjQ1MDItMDZBMC00RUQ4LUE3OUUtN0NEMjYzRTcxMjk5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELWL8yepwJVgoFXd5zVih_Y&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A0864502-06A0-4ED8-A79E-7CD263E71299
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A0864502-06A0-4ED8-A79E-7CD263E71299
date
Fri, 05 Jan 2024 01:28:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs.yellowblue.io/ Frame F81B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=6066353311403014312&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=6066353311403014312&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=6066353311403014312&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:32 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame F81B
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEIznffDDzf1nB7iTMI_&gdpr=0&gdpr_consent=&us_privacy=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEIznffDDzf1nB7iTMI_&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEIznffDDzf1nB7iTMI_&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame F81B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212429669350874
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212429669350874
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212429669350874
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs-server-s2s.yellowblue.io/ Frame F81B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=K5XH98XlPE9c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=K5XH98XlPE9c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=K5XH98XlPE9c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1
cs
cs.yellowblue.io/ Frame F81B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2777457757
  • https://sync.1rx.io/usersync/tradedesk/736096f3-a33b-4e74-a900-147a47dba0f3
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11599&id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
date
Fri, 05 Jan 2024 01:28:33 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1b1c05a4a7cb4073855993f6a89d18e6005
content-type
text/html
cksync.php
contextual.media.net/ Frame F81B 		57 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.176.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-176-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 05 Jan 2024 01:28:33 GMT
cs
cs-server-s2s.yellowblue.io/ Frame F81B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7386633197929965226&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7386633197929965226&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
an-x-request-uuid
c5030b2c-1750-4963-82c3-e4ad49d2e004
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7386633197929965226&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/risecodes/ Frame F81B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/risecodes/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
cframe.js
assets.a-mo.net/js/ Frame B7FB 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CtABShZ3d3cuc3RhcmFkdmVydGlzZXIuY29tUgthYXMtNjQ1NzE1N1oIcGJhMS4zLjJqFnd3dy5zdGFyYWR2ZXJ0aXNlci5jb236AQY3LjQyLjDoAgGIA7q23awGqAM66gMkNTk5MjZhNGEtNDI3Ni00MjJhLWE4NGUtMzYwMjUwODQ1ZjliqgQDRENIsgUDVVNE0gUJMTA1MTk5Mzg42AUB4AUB6gUHZGVza3RvcPoFA255NaoHA3dlYsoHEnN0YXJhZHZlcnRpc2VyLmNvbeAHAQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
via
1.1 b26547db1e1891a614cdee548c1b3f08.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
274
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
8407f1f1bcb42233-MIA
x-amz-cf-id
GUyyDMblVUmlqp07v6xwYZWJaEZMxdPAR9c6YVaoqFOPIcFzZLyEGQ==
expires
Fri, 05 Jan 2024 02:28:32 GMT
cframe.js
assets.a-mo.net/js/ Frame D9E5 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
via
1.1 b26547db1e1891a614cdee548c1b3f08.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
274
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
8407f1f1bcb92233-MIA
x-amz-cf-id
GUyyDMblVUmlqp07v6xwYZWJaEZMxdPAR9c6YVaoqFOPIcFzZLyEGQ==
expires
Fri, 05 Jan 2024 02:28:32 GMT
sd
us-u.openx.net/w/1.0/ Frame D939
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZdbQAAMIjwI5QBH
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZdbQAAMIjwI5QBH&_test=ZZdbQAAMIjwI5QBH
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZdbQAAMIjwI5QBH&_test=ZZdbQAAMIjwI5QBH
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760049-MIA
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704418112.416551,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZdbQAAMIjwI5QBH&_test=ZZdbQAAMIjwI5QBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
d2ba1c50-dc15-eb0d-dfdf-ed5cd26ad4b7
pr-bh.ybp.yahoo.com/sync/openx/ Frame D939 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/d2ba1c50-dc15-eb0d-dfdf-ed5cd26ad4b7?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame D939
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1eab0669-5013-c2be-2e06-793e450ed21e
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1eab0669-5013-c2be-2e06-793e450ed21e&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1eab0669-5013-c2be-2e06-793e450ed21e&dcc=t
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TFHFTHFC5MP5ZWCHSVH7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CWSV4WCVNAQF1AE5WH3N
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1eab0669-5013-c2be-2e06-793e450ed21e&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D939
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=467d7a14-4cb9-7944-ee08-fba92d3d19fe&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=736096f3-a33b-4e74-a900-147a47dba0f3&ttd_puid=467d7a14-4cb9-7944-ee08-fba92d3d19fe&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=736096f3-a33b-4e74-a900-147a47dba0f3&ttd_puid=467d7a14-4cb9-7944-ee08-fba92d3d19fe&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=736096f3-a33b-4e74-a900-147a47dba0f3&ttd_puid=467d7a14-4cb9-7944-ee08-fba92d3d19fe&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:32 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame D939 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmExMmE5ZGUtODVjZS0yN2UwLWZiZTgtYTExMGU3ZGZkNzll
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D939
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDaVku7Fk3J1YWl34EirdNE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDaVku7Fk3J1YWl34EirdNE&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDaVku7Fk3J1YWl34EirdNE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 54D8 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12351
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
crum
dsum-sec.casalemedia.com/ Frame 39BB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZdbPwCgEoqR40X4NR82pgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFR6_ugvQv6a4E9G_leWvTI&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFR6_ugvQv6a4E9G_leWvTI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psnW0O9qAEgGbpZlKqUVtLp6U3aNo2KKbHFd7mVhBvO%2FuAoFqGpv8mLGoA39XYKyGIJA1UZqA2swxfH%2FozRafZ3yaV1jbxh1X0gDQkLH5V7mi4b23rEslcyPdyOCg8jhgTN0Oa7N1S201A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f1f31d0b25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFR6_ugvQv6a4E9G_leWvTI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 39BB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=736096f3-a33b-4e74-a900-147a47dba0f3&expiration=1707010112&gdpr=0&gdpr_consent=
43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=736096f3-a33b-4e74-a900-147a47dba0f3&expiration=1707010112&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eItoOU2pbJ0WqnVIcZ%2B9%2BHyKerHNbEBumfJ5suOK7N8dUQYK9X2UOqh0WRlmegfWyHyMdvgMiOJNeL2MqC29SMbsQFhlYAdckQQunT0IZBoFqlVaO96m9g21AEeqr4lA5v1cnW5FtI%2FNiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f1f1fc8adb09-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=736096f3-a33b-4e74-a900-147a47dba0f3&expiration=1707010112&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:32 GMT
server
Kestrel
content-length
323
sync
pippio.com/api/ Frame 39BB
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZdbPwCgEoqR40X4NR82pgAA%261641&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZdbPwCgEoqR40X4NR82pgAA%261641&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0e521442191b476ebd4b7f1dc324ebc5
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=0e521442-191b-476e-bd4b-7f1dc324ebc5
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=73e61b6f-a064-4dfc-a9ec-caa48a3f5854%3A1704418113.6999092&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D73e61b6f-a064-4dfc...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1813050728247349171&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D73e61b...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=73e61b6f-a064-4dfc-a9ec-caa48a3f5854%3A1704418113.6999092&pid=500040&it=1&iv=73e61b6f-a064-4dfc-a9ec-caa48a3f5854%3A1704418113.6999092&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704418113.7024932&iv=73e61b6f-a064-4dfc-a9ec-caa48a3f5854:1704418113.6999092
42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704418113.7024932&iv=73e61b6f-a064-4dfc-a9ec-caa48a3f5854:1704418113.6999092
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704418113.7024932&iv=73e61b6f-a064-4dfc-a9ec-caa48a3f5854:1704418113.6999092
Date
Fri, 05 Jan 2024 01:28:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
dcm
s.amazon-adsystem.com/ Frame 39BB 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GJK5MBY4S10BD380T127
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 39BB
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3ad06018-d1ed-a766-3562c7cc
43 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3ad06018-d1ed-a766-3562c7cc
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2YWfvwzluCaFLWLWia9Q8hX9fMUbkMMPbHWQADq8HETXFoJWq2Y2IseuOTskHzLiBq1nnOdHqDxGNGXVjTzmlvXPb%2Fm7Y8r5ISnUNxN8ad4Cio6FEJVVUg%2BYdDzlpJGd7q3O1Fz"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f1f8786bdb09-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 05 Jan 2024 01:28:33 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3ad06018-d1ed-a766-3562c7cc
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum.casalemedia.com/ Frame 39BB
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=d32de12f-65c3-42c1-a39f-1a86978ca970
43 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=d32de12f-65c3-42c1-a39f-1a86978ca970
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejTuuhzrg0s8VqFLbSEbMYtpjyVSOXsOAQbA4qAFu6KJNw3A1xil8kF%2FUTbe%2FFCu5kEqpKd3bPc4wy8QtxpNjk4ozpBNxHc%2F0ArTe3Vl9LKotLXv82p7QuZK9NFXnN1L0oxEgMim"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f1f8786ddb09-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-servername
Track003-iad
pragma
no-cache
date
Fri, 05 Jan 2024 01:27:36 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=d32de12f-65c3-42c1-a39f-1a86978ca970
cache-control
private,no-cache
content-length
222
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 39BB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5394353749448417114&expiration=1705627713
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5394353749448417114&expiration=1705627713
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03ZCA3lQVh8lupyFkg4T34zfirng2rsDnEARUqve7NAeahlXKbGwqBt30mfJQcffeh5S203XvXvOhkdGaENcPTYK9%2BG%2FbeXPD%2FL9MxPr9wqxoxeSkuyw%2BpV9gQNWPMows7ZEeFta0JN8gA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f1f9988725a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5394353749448417114&expiration=1705627713
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 39BB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=wEAGKYle1Rlz0J5
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=wEAGKYle1Rlz0J5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pcOLiODJScFNytbTRVAdx6KlbHnJzdfvfnC76gWnHdbmjH8RyyCsF83M4hFE4JGAFD9%2FcwL4ySEdUCE3sLXE0EGKylvJvLQUpiulCj7IXG6%2FFFpnwtcosJZq%2BSbmosMd1M5tfY05DPzmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f1f9988b25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:33 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0427c28202f3087d4@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=wEAGKYle1Rlz0J5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/ix/ Frame 39BB 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1f51cf6db05-MIA
vary
Origin
usync.js
eus.rubiconproject.com/ Frame 0C9E 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12351
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
5ce81c00-6c62-4796-948e-c211c6c6cce4
https://www.staradvertiser.com/ Frame F936 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/5ce81c00-6c62-4796-948e-c211c6c6cce4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-5CQE7K4MEN&gtm=45je4130v9124458370&_p=1704418104928&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=495654607.1704418108&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1704418112&sct=1&seg=0&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&dt=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&en=page_view&_fv=1&_ss=1&tfd=8845
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fire.js
s.cpx.to/ 		35 B
696 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12967&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&hn_ver=72&fid=fd805b6b-0a2d-4d0e-9965-47e013c8766c&dsp=pub_common&dsp_uid=95d1454d-e53e-46b3-b4de-3341491a2a03&dsp=TTD&dsp_uid=736096f3-a33b-4e74-a900-147a47dba0f3&dsp=app_nexus&dsp_uid=7386633197929965226
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.64.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-64-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2139ce24fb0249caba20c563f30721e410df03f7aa67d349418754b0f7afa706

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:33 GMT
access-control-allow-credentials
true
p3p
CP="NOI DEV ADM"
content-length
35
vary
Origin
expires
Fri, 05 Jan 2024 01:28:33 GMT
iframe
sync.teads.tv/ Frame 197C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
fd645c33a5dcb38ca3f60ca3b6c7d8fef4bf1fce6b0c7598220117a9bab88b7a

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
761
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:33 GMT
expires
Fri, 05 Jan 2024 01:28:33 GMT
pragma
no-cache
server
pekko-http/1.0.0
vary
Accept-Encoding
supply-feature
ch-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/oahu-staradvertiser/log/3/supply-feature?route=US:CH:V&tvi2=10443&tvi48=11657&tvi50=11104&lti=deflated&ri=b14c472a780da084456a64c8ad9a2bcf&sd=v2_3f710bd07c3e753b785ba6f2ad6c8c40_055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc_1704418108_1704418108_CNawjgYQrK1FGPHH8bnNMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&pi=/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails&wi=5938811235174806824&pt=text&vi=1704418108401&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22475%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A28%3A32.520&id=9161&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
a.ad.gt/api/v1/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
cf-ray
8407f1f3ef2331d8-MIA
getpixels
pixels.ad.gt/api/v1/ 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=fe023dd3660d6ba3c2efd0e6fb341729&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&code=%27none%27
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1f7bf518ddf-MIA
content-type
text/html; charset=utf-8
css2
fonts.googleapis.com/ 		20 KB
915 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:42:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 01:28:32 GMT
spa-detector.20240104-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20240104-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/oahu-staradvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3122a2ad14078e833656ac1de950aa8a449c3705d95a21d7be14e88404baa0b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
dH7KykjsDOtMF4968naM8YrCtA.6n8jh
content-encoding
gzip
via
1.1 varnish
date
Fri, 05 Jan 2024 01:28:32 GMT
x-amz-request-id
P8ZWBWM7RR3MF9GP
age
51620
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
3LLe/BQmMhH4u331HdiLlJ1BHxxj9VpbakkWkvoivDJM0NbMb0yTy57JO27aCfoDWSpIuiMMyvQ=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Thu, 04 Jan 2024 11:08:13 GMT
server
AmazonS3
x-timer
S1704418113.614658,VS0,VE0
etag
"3210ec7d0e68e288fb9d371bdb54a214"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
69
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
36245
supply-feature
ch-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/oahu-staradvertiser/log/3/supply-feature?route=US:CH:V&tvi2=10443&tvi48=11657&tvi50=11104&lti=deflated&ri=b14c472a780da084456a64c8ad9a2bcf&sd=v2_3f710bd07c3e753b785ba6f2ad6c8c40_055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc_1704418108_1704418108_CNawjgYQrK1FGPHH8bnNMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&pi=/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails&wi=5938811235174806824&pt=text&vi=1704418108401&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A28%3A32.577&id=5608&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/oahu-staradvertiser/log/3/abtests?route=US:CH:V&tvi2=10443&tvi48=11657&tvi50=11104&lti=deflated&ri=b14c472a780da084456a64c8ad9a2bcf&sd=v2_3f710bd07c3e753b785ba6f2ad6c8c40_055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc_1704418108_1704418108_CNawjgYQrK1FGPHH8bnNMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&pi=/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails&wi=5938811235174806824&pt=text&vi=1704418108401&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1704418112586%7D&tim=15%3A28%3A32.587&id=6791&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/oahu-staradvertiser/log/3/supply-feature?route=US:CH:V&tvi2=10443&tvi48=11657&tvi50=11104&lti=deflated&ri=b14c472a780da084456a64c8ad9a2bcf&sd=v2_3f710bd07c3e753b785ba6f2ad6c8c40_055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc_1704418108_1704418108_CNawjgYQrK1FGPHH8bnNMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&pi=/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails&wi=5938811235174806824&pt=text&vi=1704418108401&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A28%3A32.590&id=5945&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
sa-logo-white-small.png
staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser.wpenginepowered.com/wp-content/themes/staradvertiser/images/sa-logo-white-small.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0bc9a339b66ab78582f3d4e03c0de404fcfdb87d899a850fcf0ffeedc65d7e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
cf-cache-status
HIT
age
223232
cf-polished
origFmt=png, origSize=6620
content-disposition
inline; filename="sa-logo-white-small.webp"
alt-svc
h3=":443"; ma=86400
content-length
3506
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
cloudflare
etag
"5d893779-19dc"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8407f1f3e8c3b3c2-MIA
abtests
ch-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/oahu-staradvertiser/log/3/abtests?route=US:CH:V&tvi2=10443&tvi48=11657&tvi50=11104&lti=deflated&ri=b14c472a780da084456a64c8ad9a2bcf&sd=v2_3f710bd07c3e753b785ba6f2ad6c8c40_055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc_1704418108_1704418108_CNawjgYQrK1FGPHH8bnNMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&pi=/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails&wi=5938811235174806824&pt=text&vi=1704418108401&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1704418112596%7D&tim=15%3A28%3A32.596&id=9771&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
post
jxgdqbxdiycfimegq.ay.delivery/ivt/ 		43 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jxgdqbxdiycfimegq.ay.delivery/ivt/post
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:ae1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4ea290f86281a5798bce1391a40b1272eaf87eff7c2ed70c0a427b11e16973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
43
x-xss-protection
1; mode=block
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgWlKw2Lm87H9ha5hdE5wy%2FUWUVPSSf1%2FLDTJ%2FvYbVlukYBFvWKZTRpCKmTniSogBEn4z9zNEJwyVenC9daKZc85eK4a7pSbM%2F%2FYTfA7GbZ6YFYO1dLFiR05cDIU5%2FWR7Rdk1h7tUNv9Aqp86ehSDToqQBFe62icnrjXSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store
cf-ray
8407f1f44f2325a3-MIA
access-control-allow-headers
X-Forwarded-For, X-Requested-With, Content-Type
player-event
events.qortex.ai/api/v1/ Frame 2894 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtizfKpPNEwZFqgaw3FU2lWThIDX7q0KC%2FoHqBng1zqN9hm1F7qkMQinkNRd2XlibtokuQftf2Atl8UwVx99Y7trPJ%2BhLcjkDopyc2HCn7TKpkZc1%2FI6AS%2FVktEzAJfCaCaKtMubSfrtQQ3vY3M%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f1f7ac8bdafd-MIA
content-length
0
cx-bootstrapper-init
tags.qortex.ai/cxo/ Frame 2894 		49 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/cxo/cx-bootstrapper-init
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
34
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmnlQcxcCNq0TBcHul35hZEgWyfmB%2FPrwpv5DH5xnjod3DcGRON4RT%2BNEXOowCOdADP%2BpDXdZmivWjtGbyZ9lFSsCu1URHZ79aCbSUKEpm3r0obSsXwDZWIZvZPHl%2FQIUgh0OVpPkoU7xBtH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8407f1f40e104c0f-MIA
init-3392tkd9ir9ggbv3f0mu.js
api.fouanalytics.com/api/ Frame 2894 		0
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/init-3392tkd9ir9ggbv3f0mu.js
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEcAji2L7FRGWiN09WobpgdAjkDzyx0fm%2BDCaO%2BhpXxDWj52Q9wFpn68no5QQQ0wbVZ%2FevBa8clVmLFOG66azI2M3qQgMXddE%2F6vRe3OfOxoplnU9%2B7sPitmLNk%2FGRdd1mmfQ%2By1YVwra%2F1iPBZzrWHqFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
8407f1f7bee28d96-MIA
alt-svc
h3=":443"; ma=86400
expires
0
noscript-3392tkd9ir9ggbv3f0mu.gif
api.fouanalytics.com/api/ Frame 2894 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.fouanalytics.com/api/noscript-3392tkd9ir9ggbv3f0mu.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2HmWWt26oCaQCw4q4%2Fwb7wXEfzpul50N0Xujsxu60IHkvryIRR66NLO0ztgB4aAinRj0tfkxfkOnxVyP2eBRIYBQFpBCo1LoYrShtpSvZ74%2FKuglaRzs1jmz0xbILDN1WEGCgakCG2vrYHMj8cVcgcxiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
8407f1f7bee38d96-MIA
alt-svc
h3=":443"; ma=86400
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
442252a52549fecdbd921da7819bd5ad4ba315ecbc5cc55a92a944f25a4ef2d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
bulk
trc.taboola.com/oahu-staradvertiser/log/3/ 		0
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/oahu-staradvertiser/log/3/bulk?tvi2=10443&tvi48=11657&tvi50=11104&route=US%3ACH%3AV&lti=deflated&bulkSize=12
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
44
date
Fri, 05 Jan 2024 01:28:32 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
34980
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mia-kmia1760087-MIA
pragma
no-cache
server
nginx
x-timer
S1704418113.730477,VS0,VE44
content-type
image/gif
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
properties
api.payvibe.com/v1/design/ Frame 0EEE 		790 B
1002 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/design/properties
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/public/assets/app.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.200.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-200-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6934a4a5d8a7b71bb8c641bbf177884f4eca236d1420a095bf84fac479f95ba9
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Access-Control-Allow-Origin
*
secretkey
Referer
https://travel.payvibe.com/
accept-language
en-US,en;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
server
Apache
x-frame-options
sameorigin
vary
Authorization,Origin
content-type
application/json
x-ratelimit-remaining
1989
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
2000
content-length
790
hotdealshawaii
api.payvibe.com/v1/widget/ Frame 0EEE 		6 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/widget/hotdealshawaii
Requested by
Host: travel.payvibe.com
URL: https://travel.payvibe.com/public/assets/app.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.200.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-200-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
987e8343e305ad261d4bc23121ffb6117c39a5447e2e647f76856c9a29a40d6e
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Access-Control-Allow-Origin
*
secretkey
Referer
https://travel.payvibe.com/
accept-language
en-US,en;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
server
Apache
x-frame-options
sameorigin
vary
Authorization,Origin
content-type
application/json
x-ratelimit-remaining
1991
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
2000
content-length
6067
halo_match
ids.ad.gt/api/v1/ 		43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001704418109-NTS4H3MM-VH3X&halo_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f1f4ee3474b4-MIA
content-length
43
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 8530
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:33 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 9CBF 		2 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Frisecodes%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=b9e8126a-a546-48ae-9dc7-dd9b2e497b11&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=b9e8126a-a546-48ae-9dc7-dd9b2e497b11&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:33 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:33 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
server
AkamaiGHost
setuid
u.4dex.io/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3656
  • https://u.4dex.io/setuid?bidder=freewheel&uid=8cde5c648fe156140db5378baffff1b
0
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=freewheel&uid=8cde5c648fe156140db5378baffff1b
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://u.4dex.io/setuid?bidder=freewheel&uid=8cde5c648fe156140db5378baffff1b
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1704418113241022-52
properties
api.payvibe.com/v1/design/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/design/properties
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.200.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-200-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,authorization,content-type,secretkey
Access-Control-Request-Method
POST
Origin
https://travel.payvibe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
ACCESS-CONTROL-ALLOW-ORIGIN,AUTHORIZATION,CONTENT-TYPE,SECRETKEY
access-control-allow-methods
POST
access-control-allow-origin
*
cache-control
no-cache, private
date
Fri, 05 Jan 2024 01:28:32 GMT
server
Apache
x-frame-options
sameorigin
hotdealshawaii
api.payvibe.com/v1/widget/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.payvibe.com/v1/widget/hotdealshawaii
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.200.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-200-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,authorization,content-type,secretkey
Access-Control-Request-Method
GET
Origin
https://travel.payvibe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
ACCESS-CONTROL-ALLOW-ORIGIN,AUTHORIZATION,CONTENT-TYPE,SECRETKEY
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, private
date
Fri, 05 Jan 2024 01:28:32 GMT
server
Apache
x-frame-options
sameorigin
/
cat.hbwrapper.com/ Frame F936 		15 B
267 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 05 Jan 2024 01:28:33 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ Frame F936 		315 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f37b850d9024e99b6015db65885cc04facc61bc50e983931fd5ec3074a169af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
8407f1f7bc1e3343-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F936 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ec3aef750b84abfd4ac621fc73288227be5d56b1930dbc818e85a13aeadfcfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29207
x-xss-protection
0
server
cafe
etag
42 / 19727 / m202312070101 / config-hash: 147569701560198365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:28:32 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame F936 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:08:15 GMT
content-encoding
gzip
via
1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront), 1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD89-C1
age
1218
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
m7tnlz7uiBfVAKysEb8G_k1It6sLgmmRI-KUWkJidlLVqMZ277sgWg==
gtm.js
www.googletagmanager.com/ Frame F936 		342 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
59bc8f9be020dd8503f13b4f0fd6a7b2792b67a6755a3b66cf5c51a76fd974b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87041
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Jan 2024 01:28:32 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame F936 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
33adc22eef3cec210d8519cf7770e31bc9dcca9096f08bb75b2201df502f8f00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Jan 2024 01:28:33 GMT
x-content-type-options
nosniff
content-encoding
br
age
34065
x-jsd-version
1.0.1925
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
931
x-served-by
cache-fra-eddf8230103-FRA, cache-mia-kmia1760075-MIA
x-jsd-version-type
version
etag
W/"642-wXVml+zZ4CaBLZ13Tba0QedUzl4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rtd
p2.gcprivacy.com/v2/ Frame F936 		19 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p2.gcprivacy.com/v2/rtd?pid=Q6CV1VBC&u=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.113.161 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-113-161.compute-1.amazonaws.com
Software
/
Resource Hash
9bfe1bbdb54edf381f3b49b277e17504e1101e48f4ab612d78ab10f240544461

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length
19
anchor
www.google.com/recaptcha/api2/ Frame FE25 		41 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=x9nb1jn75hou
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8de8c07eb67b779e0c1cf1f201820ae145e0258225afb742d1c736385e8b4b03
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ga3sosF7n3puQqUEZCakqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Ga3sosF7n3puQqUEZCakqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame E5BB 		40 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c8pisbjflbue
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aaf3db87f158cc8ca7d99790c12f6febc62adc030b9d7d232d05df364468b527
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eczkuyRQxVDWJjhjz4zf8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-eczkuyRQxVDWJjhjz4zf8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bulk-metrics
ch-trc-events.taboola.com/oahu-staradvertiser/log/3/ 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/oahu-staradvertiser/log/3/bulk-metrics?tvi2=10443&tvi48=11657&tvi50=11104&route=US%3ACH%3AV&lti=deflated&bulkSize=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.staradvertiser.com
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 05 Jan 2024 01:28:34 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2894 		185 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
7adee438455ce7d12a78e4fb744cd9ffbd0b6f2adceae1c7995131f09bc966ef

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.6.0
Content-Type
application/json
access-control-allow-origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
Expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 2894 		36 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=438214
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a115ed80640d66b81db3555d69c2854d86ff220c0e58419642ebf3ab25de8cab

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s92SbW6nPKzVMMSHT%2F7wYOlQv1yTXoXj60Tywp0dRpOmHeIG7KQBOjaDGiOzoTMwBTN5nlSZ%2BzKEu5MQdPIDu6Xt3ZisF1QnJsKvi3VKYq%2FJ4%2BzeBV%2F7k%2BMj0ieY80j2Q%2BjR7FzL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8407f1fa297725a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 2894 		11 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
hb
hb.undertone.com/ Frame 2894 		0
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3590&domain=staradvertiser.com&ccpa=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-73.iad89.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
via
1.1 7dc4818c830423900ae855831181d2b8.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
IAD89-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
eUvzvZ7njyCyfWsEdJhSt7Er0siG1JcOUrLwe_4_JP9mSmckCIHmYg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ Frame 2894 		19 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0&referrer=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&tmax=3000&us_privacy=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.35.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-35-34.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 2894 		19 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
an-x-request-uuid
f52bcd94-6984-451e-9641-8d6ebbff5cbf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 2894 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
aax.amazon-adsystem.com/e/dtb/ Frame 2894 		224 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&pid=RpnEwdKqxMHYi&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!stnvideo.com%2CSTN_0001779%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%2295d1454d-e53e-46b3-b4de-3341491a2a03%22%2C%22audigent%22%3A%22%257B%2522hadronId%2522%253A%2522060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%2522%257D%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.66.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-66-130.iad12.r.cloudfront.net
Software
Server /
Resource Hash
3cc698fc98f1baad4d8e918d57dfd18d0e5c8db41d9aaa184f39a5e22b06669d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7699e4f17e72e42cba0c247c650005d2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P1
x-amz-rid
AF165QZ7BGRK2YSV24RK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
224
x-amz-cf-id
dwHpSUmCSB7hEguD8tSLAN-7eQ-5CjFlBHgQu212IuWBlUplawm5qA==
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a5703e4d983ecfe345be6d556cd51709d521ac7d3544b2715476a6736599db82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 21 Dec 2023 07:50:16 GMT
server
nginx
etag
W/"6583ee38-181cc"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 06 Jan 2024 01:28:33 GMT
32202822055745462659705d2b64346.47145170-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		400 KB
401 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/32202822055745462659705d2b64346.47145170-00001.ts
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3e78c019ae8fe29db0196896a99c75ba2ece17be85133ed9a296f2251a7be29

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:40:28 GMT
via
1.1 08f45c153a856ff7955174d0e6f60744.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
20886
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
409088
last-modified
Thu, 04 Jan 2024 19:24:44 GMT
server
AmazonS3
etag
"976d4eccebff6afc0a5d127ddb0a159e"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
Icxkx5QP9oIzsbQajGvViGGXhTbr3wCePmHGIYZChEIXENBQGp7q4Q==
usync.html
eus.rubiconproject.com/ Frame FFC3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:34 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9447
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704418112026.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71426
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:34 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:33 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP006
x-33x-status
40000000008200000A
match
events-ssc.33across.com/ Frame A7BA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=59e9df5d-c912-4e7b-b753-fe5a89a9761c&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame A7BA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ps
ssc-cms.33across.com/ Frame A7BA
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP019 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:34 GMT
server
33XP019

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
match
events-ssc.33across.com/ Frame A7BA
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2687056411155449827788
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2687056411155449827788&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2687056411155449827788&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dNKo_iRtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2687056411155449827788&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
st
imprchmp.taboola.com/ Frame F95A 		531 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&cmcv=&pix=undefined&cb=1704418113878&uv=3372&tms=1704418113878&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=b923bad7-0a49-4582-832d-e090712b6e15&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7a55c8306ab061ce5580e54de10b733f0531c68c7951e074795a3c809ed530d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 05 Jan 2024 01:28:34 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760087-MIA
x-timer
S1704418114.056654,VS0,VE40
sync
ch-match.taboola.com/ Frame 499F 		531 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d7a55c8306ab061ce5580e54de10b733f0531c68c7951e074795a3c809ed530d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 05 Jan 2024 01:28:34 GMT
machineid
3805
server
nginx
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&cmcv=&pix=31589837&cb=1704418113877&uv=3372&tms=1704418113877&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1704418103552.4!ts:1704418113877&mntl=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:33 GMT
content-length
0
server
nginx
usync.html
eus.rubiconproject.com/ Frame 124B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:34 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
events-ssc.33across.com/ Frame CDB8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc&google_hm=ZjIzYmQzMTItNWJiNi00MjRhLTk1ZTktZDE1MjIwZjBl...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHl6DoqfiwaGI5r4GKl3JBk&google_cver=1&ssp=the33across&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame CDB8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ps
ssc-cms.33across.com/ Frame CDB8
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP019 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:34 GMT
server
33XP019

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
match
events-ssc.33across.com/ Frame CDB8
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2687056411155449827788
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2687056411155449827788&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2687056411155449827788&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2687056411155449827788&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D868
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704418112026.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=cCEXk2Rtir6jLGaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71426
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:34 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:33 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP006
x-33x-status
40000000008200000A
usync.html
eus.rubiconproject.com/ Frame E482
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:34 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
/
ssc-cms.33across.com/ps/ Frame AE0A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=-tBDgfwlV_hvwp42xPpc4iaEdkY&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f23bd312-5bb6-424a-95e9-d15220f0e7dc
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP017 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:34 GMT
server
33XP017

Redirect headers

Location
//ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
events-ssc.33across.com/ Frame AE0A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:33 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iv3gN.tE2uEkYFmPdqKwnYFQAUpDuJNR%7EA&ts=1704418114&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ps
ssc-cms.33across.com/ Frame AE0A
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:33 GMT
server
33XP018

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504514&us_privacy=
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
ssc-cms.33across.com/ps/ Frame AE0A
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2687056411155449827788
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2687056411155449827788
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP013 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:33 GMT
server
33XP013

Redirect headers

location
https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2687056411155449827788
date
Fri, 05 Jan 2024 01:28:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8C23
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704418112026.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=doHK72Rtir6ikDaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71426
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:34 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:33 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP003
x-33x-status
40000000008200000A
error
api.assertcom.de/ 		0
313 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/error
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame 8530 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12349
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
usync.js
eus.rubiconproject.com/ Frame 0868 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12349
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame CF76
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3d3e86ae5724d40686183fe12e439b457b641edefc2947e3bb2a6dc73d8057e2

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 05 Jan 2024 01:28:34 GMT
expires
Fri, 05 Jan 2024 01:28:34 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1215

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Fri, 05 Jan 2024 01:28:34 GMT
location
/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1215
pixel
cm.g.doubleclick.net/ Frame 197C
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_co...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NWFhZTI1NDAtYjc2OC00NjY2LTg2NGMtZjBjNTc4NmNlMWQz&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NWFhZTI1NDAtYjc2OC00NjY2LTg2NGMtZjBjNTc4NmNlMWQz&us_privacy=1---
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NWFhZTI1NDAtYjc2OC00NjY2LTg2NGMtZjBjNTc4NmNlMWQz&us_privacy=1---
cache-control
max-age=0, no-cache, no-store
content-length
205
expires
Fri, 05 Jan 2024 01:28:34 GMT
um
sync.teads.tv/ Frame 197C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1704418113365
  • https://sync.teads.tv/um?eid=22&uid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=22&uid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Protocol
H2
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:34 GMT
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

location
https://sync.teads.tv/um?eid=22&uid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:34 GMT
server
Kestrel
content-length
217
um
sync.teads.tv/ Frame 197C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1704418113365
  • https://sync.teads.tv/um?fp=1&eid=80&uid=8b8293d3-9878-4b12-9ae2-54436c2413c7&gdpr=0&gdpr_consent=
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=8b8293d3-9878-4b12-9ae2-54436c2413c7&gdpr=0&gdpr_consent=
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Protocol
H2
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:35 GMT
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:35 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=8b8293d3-9878-4b12-9ae2-54436c2413c7&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1015355
content-length
0
expires
Fri, 05 Jan 2024 00:00:00 GMT
um
sync.teads.tv/ Frame 197C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/5aae2540-b768-4666-864c-f0c5786ce1d3?gdpr=0&gdpr_consent=&_t=1704418113365
  • https://sync.teads.tv/um?eid=132&uid=y-c7OxrkJE2oQmkIRXPwaoO3SjoWBRIMhGgZQ-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-c7OxrkJE2oQmkIRXPwaoO3SjoWBRIMhGgZQ-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Protocol
H2
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:35 GMT
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:35 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Fri, 05 Jan 2024 01:28:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-c7OxrkJE2oQmkIRXPwaoO3SjoWBRIMhGgZQ-~A
content-length
0
pixel.gif
load77.exelator.com/ Frame 197C
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=5aae2540-b768-4666-864c-f0c5786ce1d3_us_us&gdpr=0&gdpr_consent=&us_privacy=1---&_t=1704418113365
  • https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=5aae2540-b768-4666-864c-f0c5786ce1d3_us_us&gdpr=0&gdpr_consent=&us_privacy=1---&_t=1704418113365&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Protocol
H2
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
ashburnUSVA
date
Fri, 05 Jan 2024 01:28:36 GMT
x-age-lb
441244
x-amz-request-id
tx00000e7d951a0399a3833-0065909fa7-5134150-nyc
x-77-cache
HIT
x-accel-date
1703976872
content-length
43
x-77-nzt
AyUTzgQ3Nzf/nLsGAJySO+I3Nzexz9PUZtu8rQA
x-accel-expires
@1705013672
x-77-age
441244
x-cache-lb
HIT
last-modified
Sat, 30 Dec 2023 22:32:08 GMT
server
CDN77-Turbo
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray
8e305f1c4bdfe452445b9765e9cbae29
content-type
image/gif
x-rgw-object-type
Normal
accept-ranges
bytes

Redirect headers

date
Fri, 05 Jan 2024 01:28:36 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
44858
tags.bluekai.com/site/ Frame 197C 		62 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/44858?id=5aae2540-b768-4666-864c-f0c5786ce1d3_us_us&limit=1&gdpr=0&gdpr_consent=&us_privacy=1---&_t=1704418113365
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.145.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-145-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 05 Jan 2024 01:28:36 GMT
content-length
62
content-type
image/gif
/
p.adsymptotic.com/d/px/ Frame 197C
Redirect Chain
  • https://idsync.rlcdn.com/474599.gif?partner_uid=5aae2540-b768-4666-864c-f0c5786ce1d3_us&ct=4&cv=&us_privacy=1---&_t=1704418113365
  • https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJzVhYWUyNTQwLWI3NjgtNDY2Ni04NjRjLWYwYzU3ODZjZTFkM191cxAAGg0IxLbdrAYSBQjoBxAAQgBKAFoECAQSAFoICAMSBDEtLS0
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d4c4fdfa386fdf1025445860eb1b637075d9bbf91c676a8a2585ba7c887985c1791426b5417dce21&_=2
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06132730
0
0
g.pixel
aa.agkn.com/adscores/ Frame 197C 		43 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=5aae2540-b768-4666-864c-f0c5786ce1d3_us&_tid=5aae2540-b768-4666-864c-f0c5786ce1d3&gdpr=0&gdpr_consent=&us_privacy=1---&_t=1704418113365
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-110.iad89.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
via
1.1 85fc1201a1918facbeb30836e7391660.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD89-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
XgQuqCb8leJThumKbmQCEjeDpP8Jgnm3cr2dCH0BFZstxbdAyymZSg==
expires
0
usermatch.gif
beacon.krxd.net/ Frame 197C 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=5aae2540-b768-4666-864c-f0c5786ce1d3_us&gdpr=0&gdpr_consent=&us_privacy=1---&_t=1704418113365
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.88.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-88-168.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n033-ash-prod.krxd.net
date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1704418116
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
sync.springserve.com/ Frame 197C
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Protocol
H2
Server
54.82.127.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-127-194.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 05 Jan 2024 01:28:36 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---
cache-control
max-age=0, no-cache, no-store
content-length
180
expires
Fri, 05 Jan 2024 01:28:36 GMT
report
sync.teads.tv/um/ Frame 197C
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NWFhZTI1NDAtYjc2OC00NjY2LTg2NGMtZjBjNTc4NmNlMWQz&us_privacy=1---
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=62653&gdprIab={%22reason%22:0,%22status%22:0,%22consent%22:%22%22,%22apiVersion%22:2,%22cmpId%22:9}&fromFormat=true&env=js-web&auctid=7f4cbe29-60d9-4374-99cc-cb1a05bd0f3a&vid=5aae2540-b768-4666-864c-f0c5786ce1d3&us_privacy=1---&1704418112421
Protocol
H2
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:36 GMT
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 484B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:34 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server
AkamaiGHost
CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame E83F 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4d Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Fri, 05 Jan 2024 01:28:35 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified
Tue, 22 Feb 2022 09:59:55 GMT
Server
AkamaiNetStorage
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A54C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71426
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:34 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 5F91
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704418114850&pubconsent=&euconsent=&hasConsent=1
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704418114850&pubconsent=&euconsent=&hasConsent=1&rd=1
2 KB
978 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704418114850&pubconsent=&euconsent=&hasConsent=1&rd=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
75ffa4dd5d645d2b4fe8ac365b39633b989cd8d34ef2acadfffedc71854e9aa1

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:19 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:19 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704418114850&pubconsent=&euconsent=&hasConsent=1&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
/
ssc-cms.33across.com/ps/ Frame 6CB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP016 /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
server
33XP016
x-33x-status
2000208
isync
visitor.omnitagjs.com/visitor/ Frame D425 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
103128a71299d9bf3b0abf68542aa73ef96e01cb40ea65c782346527fa0b545e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1559
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:35 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
x-kong-upstream-latency
7
/
onetag-sys.com/usync/ Frame EBD1 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75601b04186d260
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sharethrough
s.seedtag.com/cs/cookiesync/ Frame 30D9
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 05 Jan 2024 01:28:35 GMT
server
openresty
via
1.1 google

Redirect headers

content-length
0
date
Fri, 05 Jan 2024 01:28:34 GMT
location
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
pulsepoint
s.seedtag.com/cs/cookiesync/ Frame F9E1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=K5XH98XlPE9c&ev=1&us_privacy=&pid=562983
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=K5XH98XlPE9c&ev=1&us_privacy=&pid=562983
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 05 Jan 2024 01:28:35 GMT
server
openresty
via
1.1 google

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1
location
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=K5XH98XlPE9c&ev=1&us_privacy=&pid=562983
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
s
s.seedtag.com/cs/st/ Frame ABC5 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/st/s
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
appnexus
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7386633197929965226
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7386633197929965226
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:34 GMT
an-x-request-uuid
e846745e-7757-4113-8235-fff7adb552d1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
smart
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=6066353311403014312
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/smart?channeluid=6066353311403014312
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/smart?channeluid=6066353311403014312
date
Fri, 05 Jan 2024 01:28:35 GMT
content-length
0
outbrain
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/seedtag?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__&gdpr=0&gdpr_consent=&puid=&s=2&us_privacy=
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:36 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
110
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ttd
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=736096f3-a33b-4e74-a900-147a47dba0f3
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=736096f3-a33b-4e74-a900-147a47dba0f3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=736096f3-a33b-4e74-a900-147a47dba0f3
date
Fri, 05 Jan 2024 01:28:34 GMT
server
Kestrel
content-length
205
Bidswitch
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=seedtag&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D4997edfe-4ce1-4693-848f-c8b66f02f74e%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7386633197929965226&pt=4997edfe-4ce1-4693-848f-c8b66f02f74e%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=seedtag&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
//s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=
Date
Fri, 05 Jan 2024 01:28:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
richaudience
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D&rd=1
  • https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=48de1664-fb49-47b7-b409-1zz1704418099
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=48de1664-fb49-47b7-b409-1zz1704418099
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=48de1664-fb49-47b7-b409-1zz1704418099
date
Fri, 05 Jan 2024 01:28:20 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server_match
ad.360yield.com/ Frame ABC5 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.243.186.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-186-52.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 05 Jan 2024 01:28:35 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexexchange
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZdbPwCgEoqR40X4NR82pgAA%261641
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZdbPwCgEoqR40X4NR82pgAA%261641
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXUrSKebEqUQIiUrBm2mkvatFTNquPxHw6aVWRBJvwjTJYe7lz32EbwewqaPfhVTCZZHx89n0QETLpJfSUg2Ci29yDBDMdqz8vdyHK5zCjxlLg0p98ihpPEg21IQZTSpOtXUN9cWVDZpuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZdbPwCgEoqR40X4NR82pgAA%261641
cache-control
no-cache
cf-ray
8407f202891625a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
verizon
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58427/occ
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
date
Fri, 05 Jan 2024 01:28:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
adform
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/adform?channeluid=5394353749448417114
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/adform?channeluid=5394353749448417114
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/adform?channeluid=5394353749448417114
date
Fri, 05 Jan 2024 01:28:35 GMT
server
nginx
content-length
0
content-type
text/plain
sovrn
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H8B4hBZHEQ_m7NwFTi24NL7-
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H8B4hBZHEQ_m7NwFTi24NL7-
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date
Fri, 05 Jan 2024 01:28:34 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H8B4hBZHEQ_m7NwFTi24NL7-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
openx
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=14242342-9502-4d91-b891-486d4ddee94e
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/openx?channeluid=14242342-9502-4d91-b891-486d4ddee94e
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

date
Fri, 05 Jan 2024 01:28:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.seedtag.com/cs/cookiesync/openx?channeluid=14242342-9502-4d91-b891-486d4ddee94e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
yeahmobi
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid=
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mka437b19fc08a48c28f93aeaf223ee5f8
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mka437b19fc08a48c28f93aeaf223ee5f8
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mka437b19fc08a48c28f93aeaf223ee5f8
date
Fri, 05 Jan 2024 01:28:35 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
rtbhouse
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=seedtag
  • https://creativecdn.com/cm-notify?pi=seedtag&tc=1
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=seedtag&tc=1
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=seedtag&tc=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=seedtag&tc=1
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:35 GMT, Fri, 05 Jan 2024 01:28:35 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
opera
s.seedtag.com/cs/cookiesync/ Frame ABC5
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU6f38051ae3b444a4aea786afd04874f0
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU6f38051ae3b444a4aea786afd04874f0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:35 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU6f38051ae3b444a4aea786afd04874f0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
111
expires
Mon, 01 Jan 1990 00:00:00 GMT
event
event.insticator.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:35 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Fri, 05 Jan 2024 01:28:34 GMT
vary
Origin
event
event.insticator.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:35 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:35 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Fri, 05 Jan 2024 01:28:34 GMT
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.85.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-85-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Fri, 05 Jan 2024 01:28:34 GMT
vary
Origin
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame FE25 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=x9nb1jn75hou
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jan 2025 00:44:05 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame FE25 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=x9nb1jn75hou
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jan 2025 00:44:06 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame E5BB 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c8pisbjflbue
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jan 2025 00:44:05 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame E5BB 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c8pisbjflbue
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jan 2025 00:44:06 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 varnish
x-amz-request-id
KVAJ6Q009QCW97RM
age
26529
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
DwKR+V0ahyrIfE9ny0MhUhVxsDNtfz7Rh47R2/Ww+5VFFCIAWzGNhBCqKKGZpyPVnlKhUUHGAS0=
x-served-by
cache-mia-kmia1760087-MIA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1704418115.011046,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
22
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5068
config.js
cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/ 		74 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/config.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8d42bd77ade5b8ac592a18e49b75cb5bd53313539c824f76798327b71e7b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2024 00:33:41 GMT
server
cloudflare
x-amz-request-id
02MWEJKKT34ER5F8
age
644
etag
W/"d16bb2efef0c82942e61ca01af4da7f6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8407f203bff29abd-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
p+/g+Xcvm/CHejeDeGNlkKhPZV8bft+sx+A9vWv2HcUXkEKtHwm3ClhaaUpoLgLvt0LwCP9NPM8=
envelope
lexicon.33across.com/v1/ Frame 2894 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 05 Jan 2024 01:28:34 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
geoip.instiengage.com/json/ Frame 0927 		239 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.92.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-92-32.compute-1.amazonaws.com
Software
/
Resource Hash
e1bb93212595f410e0d69a4f0a1142cf46152d21b8e7800a7d1ad099dd56eb37

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:35 GMT
access-control-allow-credentials
true
x-database-date
Thu, 04 Jan 2024 14:36:32 GMT
content-length
239
vary
Origin
content-type
application/json
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 0927 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244d:2200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7ed7ef9182dc5206d1b7a8038bcfe2b57fc1be96d78b75152e9b713ca4ef2d6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
T2IjPTIo4qchLnC2G3GrIcEa98kcWaxz
date
Fri, 05 Jan 2024 01:27:39 GMT
via
1.1 03c28758fe0abb70088fb45c6855d854.cloudfront.net (CloudFront)
last-modified
Wed, 13 Jul 2022 16:30:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P2
age
74
etag
"591958545714b5567fc57c2f4c215b1c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
REPLICA
accept-ranges
bytes
content-length
3973
x-amz-cf-id
az9mVHpCoJ1gAFKDbKpoffUhZg02DODNiKtalP-XFwQFMJ0SEzdqKw==
icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame 0927 		649 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244d:2200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
date
Fri, 05 Jan 2024 01:26:48 GMT
via
1.1 03c28758fe0abb70088fb45c6855d854.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P2
age
108
etag
"b673377b664a0b33454c267d911fcfc1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
649
x-amz-cf-id
GCPhDru___nY4HUyEcNWxToy1DlohAQ4ZgeKx-R6s4q-0_jWa0RjoQ==
graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 0927 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244d:2200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
date
Fri, 05 Jan 2024 01:26:45 GMT
via
1.1 03c28758fe0abb70088fb45c6855d854.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:05 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P2
age
111
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4833
x-amz-cf-id
SuemnGpJ69y3nRRaP_BBXXGvQKuQa-HSpdVtv0RmA_5YXpVO_ATIHg==
contents
cms.instiengage.com/v3/ Frame 0927 		19 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.instiengage.com/v3/contents?embed_uuid=e5666664-52a2-4b8b-bca2-c3f0a6d328e9&cookie_id=null&content_order=RANDOM&for_embed=true&content_count=20
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.92.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-92-32.compute-1.amazonaws.com
Software
/
Resource Hash
1d54b0e8deed622a1b179a377786e60243003400bcef5105144f7bb35f87f017

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:35 GMT
access-control-allow-credentials
true
content-length
19341
vary
Origin
content-type
application/json
9f2b6171-1e94-49f1-a0c4-554bc711ecd2
static.instiengage.com/client_logos/0eda47e1-3a3f-4444-8ab9-a525f4133e8d/ Frame 0927 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/client_logos/0eda47e1-3a3f-4444-8ab9-a525f4133e8d/9f2b6171-1e94-49f1-a0c4-554bc711ecd2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244d:2200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5beb7bba5c75858816b11c8580fdd3bcf604e93a79530e1654c9beae6415b8c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
tCYk0K_CgNnihEOvFnIpENr6jQFq6MpB
date
Fri, 05 Jan 2024 01:26:01 GMT
via
1.1 03c28758fe0abb70088fb45c6855d854.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 15:09:51 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P2
age
155
etag
"e9c04200289ddc642817c10cbc1d3015"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=3600,public
accept-ranges
bytes
content-length
5961
x-amz-cf-id
Byl9Yf9fZjVcuxlrgXHuM4Jg2_6DApfiB-vtybkbDMsLsyOF62Dyrg==
async_usersync
ib.adnxs.com/ Frame 012D 		0
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:35 GMT
an-x-request-uuid
cc55124e-2acd-4f79-9620-e75bd6d5de6f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ares-unit.js.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame E3AD 		115 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
76030226a4c84fea482d1973d13b167de5bc7ca74460ce8f00932b0dee7b0013

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:43:44 GMT
content-encoding
gzip
age
2691
x-guploader-uploadid
ABPtcPrPni6AbCOd_CrcSssaPGRMT-r0SH8JYhswBbCuqrDsuprRxicWsbqZxQyiV2f07gNIx051hjOrIg
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32385
last-modified
Fri, 01 Dec 2023 13:28:06 GMT
server
UploadServer
etag
"334593e6f7cb45c23ba2e09e67e4d97e"
vary
Accept-Encoding
x-goog-generation
1701437285991271
content-language
en
access-control-allow-origin
*
x-goog-hash
crc32c=mtuVqw==, md5=M0WT5vfLRcI7ouCeZ+TZfg==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
32385
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 06 Jan 2024 00:43:44 GMT
ares-unit.js.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame 238D 		115 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
76030226a4c84fea482d1973d13b167de5bc7ca74460ce8f00932b0dee7b0013

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:43:44 GMT
content-encoding
gzip
age
2691
x-guploader-uploadid
ABPtcPrPni6AbCOd_CrcSssaPGRMT-r0SH8JYhswBbCuqrDsuprRxicWsbqZxQyiV2f07gNIx051hjOrIg
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32385
last-modified
Fri, 01 Dec 2023 13:28:06 GMT
server
UploadServer
etag
"334593e6f7cb45c23ba2e09e67e4d97e"
vary
Accept-Encoding
x-goog-generation
1701437285991271
content-language
en
access-control-allow-origin
*
x-goog-hash
crc32c=mtuVqw==, md5=M0WT5vfLRcI7ouCeZ+TZfg==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
32385
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 06 Jan 2024 00:43:44 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3ADB 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65564323&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
feb152f30c9e17b6549f125c529114698a6fba2425827ee1a52ba6448d6181f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=66608816&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&dp=%2F134cd2a0-7eab-4f89-ad56-f416cc5743c6&ul=en-us&de=UTF-8&dt=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAAUIZAAAAACAMI~&jid=269797655&gjid=353234614&cid=495654607.1704418108&tid=UA-123718506-11&_gid=1065753684.1704418108&_r=1&_slc=1&z=1376399437
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		4 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760099-MIA
date
Fri, 05 Jan 2024 01:28:35 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 499F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=736096f3-a33b-4e74-a900-147a47dba0f3
0
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=736096f3-a33b-4e74-a900-147a47dba0f3
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
36
date
Fri, 05 Jan 2024 01:28:36 GMT
via
1.1 varnish
x-served-by
cache-mia-kmia1760087-MIA
server
nginx
x-timer
S1704418116.001365,VS0,VE36
x-fastly-to-nlb-rtt
35074
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=736096f3-a33b-4e74-a900-147a47dba0f3
date
Fri, 05 Jan 2024 01:28:35 GMT
server
Kestrel
content-length
239
/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame 499F
Redirect Chain
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3474197131523813000V10
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3474197131523813000V10
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
62544

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:36 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3474197131523813000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 05 Jan 2024 01:28:36 GMT
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 499F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-dSLQ1lFE2oQBU8VUt0FJMVutChr21i.q5Xou1g--~A
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-dSLQ1lFE2oQBU8VUt0FJMVutChr21i.q5Xou1g--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
62444

Redirect headers

date
Fri, 05 Jan 2024 01:28:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-dSLQ1lFE2oQBU8VUt0FJMVutChr21i.q5Xou1g--~A
content-length
0
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame F95A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=736096f3-a33b-4e74-a900-147a47dba0f3
0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=736096f3-a33b-4e74-a900-147a47dba0f3
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&cmcv=&pix=undefined&cb=1704418113878&uv=3372&tms=1704418113878&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=b923bad7-0a49-4582-832d-e090712b6e15&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
33
date
Fri, 05 Jan 2024 01:28:36 GMT
via
1.1 varnish
x-served-by
cache-mia-kmia1760087-MIA
server
nginx
x-timer
S1704418116.029806,VS0,VE33
x-fastly-to-nlb-rtt
30850
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=736096f3-a33b-4e74-a900-147a47dba0f3
date
Fri, 05 Jan 2024 01:28:35 GMT
server
Kestrel
content-length
239
/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame F95A
Redirect Chain
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3474197131523813000V10
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3474197131523813000V10
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&cmcv=&pix=undefined&cb=1704418113878&uv=3372&tms=1704418113878&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=b923bad7-0a49-4582-832d-e090712b6e15&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
62544

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:36 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3474197131523813000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 05 Jan 2024 01:28:36 GMT
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame F95A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-dSLQ1lFE2oQBU8VUt0FJMVutChr21i.q5Xou1g--~A
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-dSLQ1lFE2oQBU8VUt0FJMVutChr21i.q5Xou1g--~A
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&cmcv=&pix=undefined&cb=1704418113878&uv=3372&tms=1704418113878&abt=adxsub-out_vA!adxsub-out_vB!esv_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=b923bad7-0a49-4582-832d-e090712b6e15&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
62444

Redirect headers

date
Fri, 05 Jan 2024 01:28:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-dSLQ1lFE2oQBU8VUt0FJMVutChr21i.q5Xou1g--~A
content-length
0
usync.js
eus.rubiconproject.com/ Frame FFC3 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12347
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
usync.js
eus.rubiconproject.com/ Frame 124B 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12347
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
usync.js
eus.rubiconproject.com/ Frame E482 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12347
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=214055123&version=7.29.3-U&age=240105&ldt=BIDS&key=y3roexcY&c_id=13479&seq=1&order=5&vIndex=0&absoluteTime=12489.8&relativeTime=8132.7&sm_id=3287948&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=13512&load=1&status=LVFNSNIY&ac_id=2008&bidIndex=1&prebid.cid=0&prebid.bidders.rubicon.time=2390.3&prebid.bidders.ix.time=2194&prebid.bidders.unruly.time=2433.9&prebid.bidders.undertone.time=2353.7&prebid.bidders.triplelift.time=2349.2&prebid.bidders.appnexus.time=2186.5&prebid.bidders.pubmatic.time=2419.1&prebid.start=10043.3&prebid.time=2444.8&prebid.timeout=3000&adIndex=-1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
khaos.json
token.rubiconproject.com/ Frame 54D8 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
collect
v.clarity.ms/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 05 Jan 2024 01:28:36 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
369.json
id5-sync.com/g/v2/ 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
f3f8389488adb5ce620031349c57955ed961b44496372bb0f59fbd09a506d752
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 484B 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12347
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D486214773fce3e9d
  • https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D486214773fce3e9d
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3Dd84ba2f6-b7...
  • https://u-iad04.e-planning.net/um?uid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dc=0abbcb4eba840e59&fi=486214773fce3e9d
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dc=0abbcb4eba840e59&fi=486214773fce3e9d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:36 GMT
content-type
image/gif

Redirect headers

date
Fri, 05 Jan 2024 01:28:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://u-iad04.e-planning.net/um?uid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dc=0abbcb4eba840e59&fi=486214773fce3e9d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D486214773fce3e9d
  • https://u-iad04.e-planning.net/um?uid=K5XH98XlPE9c&dc=66b7ef4184d94c10&fi=486214773fce3e9d&ev=1&us_privacy=${us_privacy}&pid=562965
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=K5XH98XlPE9c&dc=66b7ef4184d94c10&fi=486214773fce3e9d&ev=1&us_privacy=${us_privacy}&pid=562965
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:36 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://u-iad04.e-planning.net/um?uid=K5XH98XlPE9c&dc=66b7ef4184d94c10&fi=486214773fce3e9d&ev=1&us_privacy=${us_privacy}&pid=562965
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1
pbs.gif
sync.admanmedia.com/ Frame CF76 		9 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D486214773fce3e9d%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame CF76 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 03 Jan 2029 01:28:36 GMT
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D486214773fce3e9d%26uid%3D%24%7BUID%7D
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=486214773fce3e9d&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=486214773fce3e9d&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:36 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=486214773fce3e9d&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame CF76 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 03 Jan 2029 01:28:36 GMT
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D486214773fce3e9d%26uid%3D
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=486214773fce3e9d&uid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504516
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=486214773fce3e9d&uid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504516
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:37 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=486214773fce3e9d&uid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504516
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D486214773fce3e9d
  • https://u-iad04.e-planning.net/um?uid=48de1664-fb49-47b7-b409-1zz1704418099&dc=fabfd6762b833237&fi=486214773fce3e9d
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=48de1664-fb49-47b7-b409-1zz1704418099&dc=fabfd6762b833237&fi=486214773fce3e9d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:37 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=48de1664-fb49-47b7-b409-1zz1704418099&dc=fabfd6762b833237&fi=486214773fce3e9d
date
Fri, 05 Jan 2024 01:28:21 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D486214773fce3e9d%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=486214773fce3e9d&uid=7386633197929965226
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=486214773fce3e9d&uid=7386633197929965226
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:37 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
an-x-request-uuid
6a0ee3ca-6142-4523-9a73-162de6c754e7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=486214773fce3e9d&uid=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D486214773fce3e9d%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=486214773fce3e9d&uid=770043a8-af77-46db-9a99-c38ce904d888
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=486214773fce3e9d&uid=770043a8-af77-46db-9a99-c38ce904d888
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:37 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-180
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=486214773fce3e9d&uid=770043a8-af77-46db-9a99-c38ce904d888
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://rtb.om-meta.com/csync?exchange=41cd7873289762a3cc93a994250371cf1cd20569&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dbe1f3f8d2283c058%26fi%3D486214773fce3e9d%26uid%3D
  • https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=486214773fce3e9d&uid=94587298-0b88-4322-9981-ae550157b0de
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=486214773fce3e9d&uid=94587298-0b88-4322-9981-ae550157b0de
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:37 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=486214773fce3e9d&uid=94587298-0b88-4322-9981-ae550157b0de
date
Fri, 05 Jan 2024 01:28:37 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D486214773fce3e9d%26uid%3D%24UID&partner=eplanning
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=486214773fce3e9d&uid=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=486214773fce3e9d&uid=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:37 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=486214773fce3e9d&uid=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
cache-control
no-store
content-length
0
expires
0
um
sync.e-planning.net/ Frame CF76
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=c73598e4-19af-4225-ad41-0db5af961cdf&dc=769fefa8321c94fb&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=c73598e4-19af-4225-ad41-0db5af961cdf&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:36 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=c73598e4-19af-4225-ad41-0db5af961cdf&dc=769fefa8321c94fb&iss=1
date
Fri, 05 Jan 2024 01:28:36 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=486214773fce3e9d
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=486214773fce3e9d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=486214773fce3e9d
date
Fri, 05 Jan 2024 01:28:37 GMT
server
fasthttp
content-length
0
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3D486214773fce3e9d
  • https://u-iad04.e-planning.net/um?uid=1e2c6b9b-b313-4977-8d47-506b6f116205&dc=d015773253e1640b&fi=486214773fce3e9d
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=1e2c6b9b-b313-4977-8d47-506b6f116205&dc=d015773253e1640b&fi=486214773fce3e9d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:37 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?uid=1e2c6b9b-b313-4977-8d47-506b6f116205&dc=d015773253e1640b&fi=486214773fce3e9d
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync
x.bidswitch.net/ Frame CF76
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=eplanning
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0cab6805-c694-4a0f-a9f1-3fc892c60190&ssp=eplanning
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0cab6805-c694-4a0f-a9f1-3fc892c60190&ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0cab6805-c694-4a0f-a9f1-3fc892c60190&ssp=eplanning
date
Fri, 05 Jan 2024 01:28:37 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://cm-x.mgid.com/7c66bfc34cae8636a9aefaf68cb9041c.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3D98bd04598763300f%26fi%3D486214773fce3e9d
  • https://u-iad04.e-planning.net/um?uid=75d3231a-8b28-476c-856f-1982c6c9795b&dc=98bd04598763300f&fi=486214773fce3e9d
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=75d3231a-8b28-476c-856f-1982c6c9795b&dc=98bd04598763300f&fi=486214773fce3e9d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:37 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:37 GMT
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?uid=75d3231a-8b28-476c-856f-1982c6c9795b&dc=98bd04598763300f&fi=486214773fce3e9d
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
um
u-iad04.e-planning.net/ Frame CF76
Redirect Chain
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7Bym_us...
  • https://u-iad04.e-planning.net/um?uid=ym_user_f42d1ad0-05e4-4bec-8277-d0223c159ff3&dc=dbfd729d40c9c3fc&fi=486214773fce3e9d
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=ym_user_f42d1ad0-05e4-4bec-8277-d0223c159ff3&dc=dbfd729d40c9c3fc&fi=486214773fce3e9d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:37 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=ym_user_f42d1ad0-05e4-4bec-8277-d0223c159ff3&dc=dbfd729d40c9c3fc&fi=486214773fce3e9d
access-control-allow-origin
*
date
Fri, 05 Jan 2024 01:28:37 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
um
sync.e-planning.net/ Frame CF76
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.96%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7138357452
  • https://sync.1rx.io/usersync3/mediamathtest/2069.96/f7716597-5b45-4000-9fa2-5f3c3f74983b?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005%26dc%3Dfc74...
  • https://sync.e-planning.net/um?uid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&dc=fc741bbdfeedcd57&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&dc=fc741bbdfeedcd57&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:37 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&dc=fc741bbdfeedcd57&iss=1
date
Fri, 05 Jan 2024 01:28:37 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1b1c05a4a7cb4073855993f6a89d18e6005
content-type
text/html
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame E83F 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3f72bc478fe8bdfc0d71966f03269d1400530dc5b86bfe964e181991ba89b19c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Dec 2023 14:00:12 GMT
Server
AkamaiNetStorage
ETag
"9bd2e1c1f91b92b58200dbf9a10e7938:1704270086.237201"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3190
CookieSync.min.js
csync.smartadserver.com/rtb/csync/ Frame E83F 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4d Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:42 GMT
Server
AkamaiNetStorage
ETag
"742b2a86812ba14a01984e42bbf75bd2:1700471507.784273"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/rtb/csync/ Frame E83F 		154 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4d Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7b205e88991731a228fd27cdb2f729a087290f10325d97622ca19b8376524266

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:42 GMT
Server
AkamaiNetStorage
ETag
"16285d7800e5f44b3c3d6d484f4e45fc:1700471508.128762"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4141
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a0...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7386633197929965226&gdpr=0&gdpr_consent=&gdpr=0&gd...
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7386633197929965226&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
an-x-request-uuid
11fbba08-9c03-4787-9dc8-665b0a41bc67
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7386633197929965226&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%2...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7386633197929965226&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7386633197929965226&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
an-x-request-uuid
941b8c8e-c46e-4aef-a1c1-c7badc8fed16
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7386633197929965226&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%2...
  • https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=8b8293d3-9878-4b12-9ae2-54436c2413c7
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=8b8293d3-9878-4b12-9ae2-54436c2413c7
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=8b8293d3-9878-4b12-9ae2-54436c2413c7
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1472784
content-length
0
expires
Fri, 05 Jan 2024 00:00:00 GMT
ayl_pixel
api-2-0.spot.im/pixels/ Frame D425 		0
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=f85811dc81870e1d6389bcf2be3bdfa4
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-27.iad61.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
via
1.1 6129f7f4feb0c02da809b6ee7e340b18.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD61-P1
x-amz-cf-id
mQ1YWiGQiJ_w83TGAiYcr7kIh4rcXC8mPWim2s0zWUIh-M93pj6lOQ==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT, Fri, 05 Jan 2024 01:28:36 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adyoulike&ssp_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-b_TzuFpE2pkUz94wCbmugmxYK_20IX7Yw79exA--~A&expires=5&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=f23bd312-5bb6-424a-95e9-d15220f0e7dc&name=BIDSWITCH&gdpr=&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=f23bd312-5bb6-424a-95e9-d15220f0e7dc&name=BIDSWITCH&gdpr=&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=f23bd312-5bb6-424a-95e9-d15220f0e7dc&name=BIDSWITCH&gdpr=&gdpr_consent=
Date
Fri, 05 Jan 2024 01:28:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=736096f3-a33b-4e74-a900-147a47dba0f3&name=THE_TRADE_DESK
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=736096f3-a33b-4e74-a900-147a47dba0f3&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=736096f3-a33b-4e74-a900-147a47dba0f3&name=THE_TRADE_DESK
date
Fri, 05 Jan 2024 01:28:36 GMT
server
Kestrel
content-length
319
sync
visitor.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAAQHk7LLrYAABaDzK28HA&name=BEESWAX
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAAQHk7LLrYAABaDzK28HA&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAAQHk7LLrYAABaDzK28HA&name=BEESWAX
Date
Fri, 05 Jan 2024 01:28:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visit...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=BUe8t8AGKClBFU9g5GxQ&gdpr=0&gdpr_consent=&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=BUe8t8AGKClBFU9g5GxQ&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:36 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=BUe8t8AGKClBFU9g5GxQ&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
221
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=d08b0939-e7dd-47e1-a1ce-13919d351d77%20&gdpr_consent=null&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=d08b0939-e7dd-47e1-a1ce-13919d351d77%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=d08b0939-e7dd-47e1-a1ce-13919d351d77 &gdpr_consent=null&gdpr=0
date
Fri, 05 Jan 2024 01:28:37 GMT
server
_
content-length
0
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26v...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=BUe8t8AGKClBFU9g5GxQ&gdpr=0&gdpr_consent=&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=BUe8t8AGKClBFU9g5GxQ&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:37 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=BUe8t8AGKClBFU9g5GxQ&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
225
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visi...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a00220400cfc8e2c37e0815&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a00220400cfc8e2c37e0815&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a00220400cfc8e2c37e0815&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
date
Fri, 05 Jan 2024 01:28:37 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Fri, 05 Jan 2024 01:28:36 GMT
Connection
keep-alive
Content-Length
219
Content-Type
text/html; charset=utf-8
sync-iframe
cs-server-s2s.yellowblue.io/ Frame D425 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
pixel
ap.lijit.com/ Frame D425 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 05 Jan 2024 01:28:36 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNT...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=c7afadb5-2f38-4468-a903-ccb38af6a4be&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=c7afadb5-2f38-4468-a903-ccb38af6a4be&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=c7afadb5-2f38-4468-a903-ccb38af6a4be&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=0e9edc1031de420496b7be83175ae78d&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=0e9edc1031de420496b7be83175ae78d&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Date
Fri, 05 Jan 2024 01:28:37 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=0e9edc1031de420496b7be83175ae78d&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
sync
visitor.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=d32de12f-65c3-42c1-a39f-1a86978ca970&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=d32de12f-65c3-42c1-a39f-1a86978ca970&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

x-servername
Track003-iad
pragma
no-cache
date
Fri, 05 Jan 2024 01:27:39 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=d32de12f-65c3-42c1-a39f-1a86978ca970&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
315
expires
-1
711333.gif
id.rlcdn.com/ Frame D425 		42 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
khaos.json
token.rubiconproject.com/ Frame 0C9E 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-39CWM68PTE&gtm=45je4130v9122458175&_p=1704418107434&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=495654607.1704418108&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dp=%2Fwidget%2Fstaradvertiser%2F9865%2FUpcoming%20Events%2F2a3128a5939a5946a%2F&sid=1704418110&sct=1&seg=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&dt=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&en=page_view&_ee=1&ep.page_hostname=p.cityspark.com&_et=6&tfd=12787
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
idl.js
assets.a-mo.net/js/ Frame B7FB 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.staradvertiser.com&e=27&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
via
1.1 b26547db1e1891a614cdee548c1b3f08.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
444
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
8407f20b78e52233-MIA
x-amz-cf-id
E-4XP_p_3Q-gnedjFUG7c488ueSGMgtPpyXRaKqomZV75VnTsru5uw==
expires
Fri, 05 Jan 2024 02:28:36 GMT
set
id.a-mx.com/ Frame B7FB
Redirect Chain
  • https://id.a-mx.com/sync?tao=1&&do=www.staradvertiser.com
  • https://c3.a-mo.net/b?uid=49cc3995-5ade-4dd3-960f-6b3138eb67a4&sh=id.a-mx.com&
  • https://id.a-mx.com/set?oid=49cc3995-5ade-4dd3-960f-6b3138eb67a4&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&
99 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/set?oid=49cc3995-5ade-4dd3-960f-6b3138eb67a4&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
131.153.242.59 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/
Resource Hash
96e81b0a3347993f68b10648e08dc9ec74a05b452d08dc6498967c4b46dfdbe7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
null
date
Fri, 5 Jan 2024 01:28:37 GMT
access-control-allow-credentials
true
content-length
99
content-type
application/json

Redirect headers

access-control-allow-origin
null
location
https://id.a-mx.com/set?oid=49cc3995-5ade-4dd3-960f-6b3138eb67a4&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&
date
Fri, 5 Jan 2024 01:28:36 GMT
access-control-allow-credentials
true
content-length
0
usync.html
eus.rubiconproject.com/ Frame 420C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://prebid.a-mo.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:36 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
server
AkamaiGHost
bidswitch
sync-dmp.mobtrakk.com/match/ Frame B7FB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&gdpr=0&us_privacy=1---
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc&chk=1
43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc&chk=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
5.161.188.99 Ashburn, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.99.188.161.5.clients.your-server.de
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc&chk=1
date
Fri, 05 Jan 2024 01:28:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
0
yahoo
prebid.a-mo.net/setuid/ Frame B7FB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
date
Fri, 05 Jan 2024 01:28:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.a-mo.net/ Frame B7FB
Redirect Chain
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Damx_com%26uid%3D
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=amx_com&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=amx_com&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=amx_com&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
date
Fri, 5 Jan 2024 01:28:35 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame B7FB
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=openx&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=openx&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=openx&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
setuid
prebid.a-mo.net/ Frame B7FB
Redirect Chain
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=adform&uid=5394353749448417114
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=adform&uid=5394353749448417114
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=adform&uid=5394353749448417114
date
Fri, 05 Jan 2024 01:28:36 GMT
server
nginx
content-length
0
content-type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame B7FB
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0f4048a3-19cf-4e08-b88a-c8eedd147483&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0f4048a3-19cf-4e08-b88a-c8eedd147483&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 05 Jan 2024 01:28:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0f4048a3-19cf-4e08-b88a-c8eedd147483&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 05 Jan 2024 01:28:36 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
setuid
prebid.a-mo.net/ Frame B7FB
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=index_rtb&uid=ZZdbPwCgEoqR40X4NR82pgAA%261641
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?us_privacy=1---&A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=index_rtb&uid=ZZdbPwCgEoqR40X4NR82pgAA%261641
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PA%2BAmD7Zv1crwRaZpLg97wk0%2FKKj85sVmWA7KiU6cv3xEQnWk4k7nH1LqslQnYnen5EhSaTwdHElWbH6hhKsAg3nUFZEK7VKe%2FiTKYUhm4eGS%2FzkNqir%2Bw8Hw6pAUbbhMsg8ZZqK"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?us_privacy=1---&A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=index_rtb&uid=ZZdbPwCgEoqR40X4NR82pgAA%261641
cache-control
no-cache
cf-ray
8407f20bbb46db09-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame B7FB
Redirect Chain
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame B7FB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=appnexus&uid=7386633197929965226
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=appnexus&uid=7386633197929965226
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
an-x-request-uuid
546e6b07-237f-4dc9-ae92-7111c0f22ec4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=appnexus&uid=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame B7FB 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&do=www.staradvertiser.com
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
content-length
0
content-type
text/html
setuid
ib.adnxs.com/prebid/ Frame B7FB 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&do=www.staradvertiser.com
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
an-x-request-uuid
0199f175-b3df-46ac-9993-cf0682841d79
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 256C 		394 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f0c883d492e1f30ead795b1a819a7dfd5485dbe25a8e2e61ca6358c38ac6e0b7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
394
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 05 Jan 2024 01:28:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2QHTVVQXWXKCNQVTAFCH
usync.html
eus.rubiconproject.com/ Frame A739
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://prebid.a-mo.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:36 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
server
AkamaiGHost
setuid
prebid.a-mo.net/ Frame D9E5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&gdpr=0&us_privacy=1---
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MzZmOWY1Zjc1OTA1ZTA4&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=adaptmx&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=&us_privacy=1---
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Fri, 05 Jan 2024 01:28:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame D9E5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-uGmQNf9E2uGk8tFr6mk8l.QU3q9_7CWdCklAipk-~A
date
Fri, 05 Jan 2024 01:28:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.a-mo.net/ Frame D9E5
Redirect Chain
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Damx_com%26uid%3D
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=amx_com&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=amx_com&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=amx_com&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
date
Fri, 5 Jan 2024 01:28:35 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame D9E5
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=openx&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=openx&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=openx&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
setuid
prebid.a-mo.net/ Frame D9E5
Redirect Chain
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=adform&uid=5394353749448417114
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=adform&uid=5394353749448417114
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=adform&uid=5394353749448417114
date
Fri, 05 Jan 2024 01:28:36 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
prebid.a-mo.net/ Frame D9E5
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dpubmatic%26uid%3DA0864502-06A0-4ED8-A...
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=pubmatic&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=pubmatic&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=pubmatic&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame D9E5
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=index_rtb&uid=ZZdbPwCgEoqR40X4NR82pgAA%261641
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?us_privacy=1---&A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=index_rtb&uid=ZZdbPwCgEoqR40X4NR82pgAA%261641
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BD44v%2Bg8i15XDtKl%2FcprquI21DYoi8CDWfBTT0yI9hMVO3xod5bslVk%2FKAA4As33sA%2BIg%2Bq2UvBKtBvmrB69niOIIIreSIPJwQUFqCvdNfwUbHWxHNQzadOvvuQmLJ%2BISJn69TWE"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?us_privacy=1---&A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=index_rtb&uid=ZZdbPwCgEoqR40X4NR82pgAA%261641
cache-control
no-cache
cf-ray
8407f20c8d3525a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame D9E5
Redirect Chain
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame D9E5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dfd21eeb0-4e49-4a1c-be95-c93fd2d84953%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=appnexus&uid=7386633197929965226
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=appnexus&uid=7386633197929965226
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
an-x-request-uuid
efb5d7ce-d3df-4fce-bb1d-8379abc8744e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid.a-mo.net/setuid?A=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&bidder=appnexus&uid=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/amx/ Frame D9E5 		0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/amx/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&do=www.staradvertiser.com
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f20c9817db05-MIA
vary
Origin
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-123718506-11&cid=495654607.1704418108&jid=269797655&gjid=353234614&_gid=1065753684.1704418108&_u=aDDAAUIZAAAAACAMI~&z=1335137940
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 05 Jan 2024 01:28:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&mbl=ZmFsc2U=
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
no-store
server
nginx
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 05 Jan 2024 01:28:36 GMT
prebid
ib.adnxs.com/openrtb2/ Frame F936 		0
814 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/openrtb2/prebid
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
an-x-request-uuid
73e40f1d-12bf-4d90-b258-3c5725ff37d0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ Frame F936 		53 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
c6a39e6b2bb7c9edccf5eaa5d51236dcd50df650a73beb16ac62cf787a830ee0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
cdb
bidder.criteo.com/ Frame F936 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=146&profileId=185&av=36&wv=8.26.0&cb=54989785078
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
326e93192aebe45104327f15a58733bec2239d67945d6c1c0adfbb8e40a40a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
translator
hbopenbid.pubmatic.com/ Frame F936 		0
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame F936 		925 B
638 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
c2ef77df66b02fc9df336757aca83ab40bafe0c46be2834b865d6e73670dca87

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
18
content-length
487
pbjs
htlb.casalemedia.com/openrtb/ Frame F936 		37 B
615 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=896602
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ddfeb75103c8b9787ef948eeb41b42fc13ea3dc010507f9034e963806093b9

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1g46biEcwF7ibu2cS050C3LXgmWeJsFnZGnq%2BkOHV6fQjD34AULNm08V5D1MhO9OtCKgjDKNzDIzZh8yE3ndIL%2BnPo0zC5gCXzR%2Bj8rPmlFC%2FwqKRD5Idv7%2BgpqS%2FfSwxjHY1hvo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8407f20daf3c25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ads.yieldmo.com/exchange/ Frame F936 		0
229 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.26.0&p=%5B%7B%22placement_id%22%3A%2254c4ac53-0f96-43ce-b6fd-e12dbd6c2078%22%2C%22callback_id%22%3A%2230b7e1d3aa926e5%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223139532401223344602%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F21722279357%2F728x90_ob_staradvertiser%22%7D%5D&page_url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&bust=1704418116724&dnt=false&description=&tmax=2000&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&w=1600&h=1200&pubcid=95d1454d-e53e-46b3-b4de-3341491a2a03&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1956%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2295d1454d-e53e-46b3-b4de-3341491a2a03%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.225.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-225-207.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
hbjson
grid.bidswitch.net/ Frame F936 		24 B
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.243.123 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
123.243.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3fd020bbdd8f0b0036f9ae7cea4cb90083ae295c5fcc5ab906a0bf46e45038ad

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F936 		509 B
566 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=449098&zone_id=2607354&size_id=2&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!adapex.io,s1956,1,,,&eid_audigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%5E1&eid_pubcid.org=95d1454d-e53e-46b3-b4de-3341491a2a03%5E1&rf=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&kw=Nationalnews&tg_i.domain=staradvertiser.com&tg_i.page=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&tg_i.pbadslot=%2F21722279357%2F728x90_ob_staradvertiser&tg_i.gpid=%2F21722279357%2F728x90_ob_staradvertiser&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=3497adb71593777&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F21722279357%2F728x90_ob_staradvertiser&m_ch_mobile=%3F0&slots=1&rand=0.29783414394814645
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bc892b20f1f0906f14007ee13282d50fa1510887c165361ee5d714413e64973b

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
509
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
shb.richaudience.com/hb/ Frame F936 		1 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame F936 		19 B
867 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
an-x-request-uuid
27a098e7-ebf0-412f-b913-794fb7e281ab
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ Frame F936 		0
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8407f20ebc203370-MIA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
hb
ssc.33across.com/api/v1/ Frame F936 		66 B
140 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=a2165ovUyr7ykCrkHcnnVW
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
619562b3888faa5db65b512989585a50e3717fca9b300e64efee5d4ab35ca067

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
unruly_prebid
targeting.unrulymedia.com/ Frame F936 		11 B
211 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
auction
tlx.3lift.com/header/ Frame F936 		19 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.26.0&referrer=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&tmax=2000&us_privacy=1---
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.35.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-35-34.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/ Frame F936 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
a4c64622c6852c7245e0ad647de61ecf09ffb517637ce3b2b3d5f27b48659000

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 05 Jan 2024 01:28:36 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
804
hb-mm-multi
hb.minutemedia-prebid.com/ Frame F936 		84 B
434 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.210.0.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-0-246.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
c1cc9655188304d60324cf42aa184bae2feac78ed46565b1194987e17028f66e

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:36 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
pbjs
smartssp-us-east.iqzone.com/ Frame F936 		2 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://smartssp-us-east.iqzone.com/pbjs
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.111 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 05 Jan 2024 01:28:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
lockerdome.com/ladbid/ Frame F936 		11 B
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 05 Jan 2024 01:28:37 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Content-Length
31
Content-Type
application/json; charset=utf-8
sync
s.cpx.to/
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=34010&customParamenters
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LQZYJ7Y5-28-J2H9&customParamenters=
0
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LQZYJ7Y5-28-J2H9&customParamenters=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
52.214.64.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-64-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:37 GMT
date
Fri, 05 Jan 2024 01:28:37 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

Location
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LQZYJ7Y5-28-J2H9&customParamenters=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
  • https://s.cpx.to/sync?dsp_uid=CAESEPsa0vTY7s6j9bsMQmJLSnQ&dsp=dbm&google_cver=1
0
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=CAESEPsa0vTY7s6j9bsMQmJLSnQ&dsp=dbm&google_cver=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
52.214.64.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-64-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:37 GMT
date
Fri, 05 Jan 2024 01:28:37 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/sync?dsp_uid=CAESEPsa0vTY7s6j9bsMQmJLSnQ&dsp=dbm&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
  • https://s.cpx.to/sync?dsp=OPENX&dsp_uid=06405607-7011-454b-8c9e-03052caa067c
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=06405607-7011-454b-8c9e-03052caa067c
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
52.214.64.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-64-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:37 GMT
date
Fri, 05 Jan 2024 01:28:37 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

date
Fri, 05 Jan 2024 01:28:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=06405607-7011-454b-8c9e-03052caa067c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A0864502-06A0-4ED8-A79E-7CD263E71299
0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
52.214.64.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-64-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:37 GMT
date
Fri, 05 Jan 2024 01:28:37 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A0864502-06A0-4ED8-A79E-7CD263E71299
date
Fri, 05 Jan 2024 01:28:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.html
eus.rubiconproject.com/ Frame BA4E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:36 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:36 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2506 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D486214773fce3e9d%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71423
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:37 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 81DE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D486214773fce3e9d%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00cd54975d9eb21d88f1e0ef468c7cd5602ce7638538100c67d86103445bee00

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8407f20ea8fe25a3-MIA
content-encoding
br
content-type
text/html
date
Fri, 05 Jan 2024 01:28:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQt4%2F1uMpRDSTYBSMoFf0fZGHTgxqbGgrnvv5svoFpGeQEdQ6Ztub7BRAdUVUAGWwspTPfKafQtuWNm3LEMdY5xUT0AzCvJc46Be4HyLi31bAgwNeDdu2Z8kb%2BP0Wgfd6U05V%2BaA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
visitor.omnitagjs.com/visitor/ Frame D425
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%2...
  • https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=8b8293d3-9878-4b12-9ae2-54436c2413c7
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=8b8293d3-9878-4b12-9ae2-54436c2413c7
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:36 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=8b8293d3-9878-4b12-9ae2-54436c2413c7
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1376943
content-length
0
expires
Fri, 05 Jan 2024 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame E8A1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:37 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 58FA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:37 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
5b730f32-e78d-4814-954a-d00dcad68d3f
static.instiengage.com/client_images/0eda47e1-3a3f-4444-8ab9-a525f4133e8d/ Frame 0927 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/client_images/0eda47e1-3a3f-4444-8ab9-a525f4133e8d/5b730f32-e78d-4814-954a-d00dcad68d3f
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:244d:2200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a380dead26703cc5cedd312e8118608fedbab12b0dadf3669560cf9d0fc1ffe0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
AytNSLDHh2Ak1Xi2DsH0J3HCmEIiDdhD
date
Fri, 05 Jan 2024 01:28:37 GMT
via
1.1 03c28758fe0abb70088fb45c6855d854.cloudfront.net (CloudFront)
last-modified
Mon, 27 Dec 2021 22:16:23 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P2
etag
"bd9bfeea3cc6f7ebaf6101c5fe8bffef"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
cache-control
max-age=3600,public
accept-ranges
bytes
content-length
12572
x-amz-cf-id
bK3X6VSQe1jvuWCcKzpwlHmPQGfrw9ii7y9ot5D2NhYL4H7LwwS3BA==
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame 5F91
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7386633197929965226&gdpr=0&gdpr_consent=
95 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7386633197929965226&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704418114850&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Fri, 05 Jan 2024 01:28:21 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
an-x-request-uuid
a7a866e3-e88c-4b15-8ce0-1d5f71906e84
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7386633197929965226&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame 5F91
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?gdpr=0&euconsent=&uid=6066353311403014312
95 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?gdpr=0&euconsent=&uid=6066353311403014312
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704418114850&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Fri, 05 Jan 2024 01:28:21 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?gdpr=0&euconsent=&uid=6066353311403014312
date
Fri, 05 Jan 2024 01:28:36 GMT
content-length
0
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 5F91
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=48de1664-fb49-47b7-b409-1zz1704418099
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D3...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D3...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=c4fec229-13ee-5305-99c3-5f50fc540415&ssp=richaudience&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=&us_ps=
95 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=&us_ps=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704418114850&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Fri, 05 Jan 2024 01:28:22 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=&us_ps=
Date
Fri, 05 Jan 2024 01:28:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/ Frame 5F91
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/richaudience?gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAAQHk7LLrYAABaDzK28HA&gdpr=0
95 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAAQHk7LLrYAABaDzK28HA&gdpr=0
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704418114850&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Fri, 05 Jan 2024 01:28:21 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAAQHk7LLrYAABaDzK28HA&gdpr=0
Date
Fri, 05 Jan 2024 01:28:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
u.4dex.io/ Frame 0C9E
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LQZYJ7Y5-28-J2H9
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
0
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
337ed184f66af647997bfabbb860519f
Expires
0
rum
id.rtb.mx/ Frame B7FB 		0
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://id.rtb.mx/rum?
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.242.59 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prebid.a-mo.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://prebid.a-mo.net
date
Fri, 5 Jan 2024 01:28:36 GMT
access-control-allow-credentials
true
f
fid.agkn.com/ Frame F936 		130 B
675 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2037571623&i6=2001:550:1d05:1::7&r=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.115.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-115-132.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash
fd0eeefd9e804c4919b83d88ffd9b87691d5455706d124704d46e8ca66ebac4a

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
130
expires
0
gcid_s.min.js
p.gcprivacy.com/t/ Frame F936 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.gcprivacy.com/t/gcid_s.min.js
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-19.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a96afec7985a179003f4772e26ea673464fa96cf266d64b4d3498bdfb76c934

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
h6SOOisDvOnZ8QxOAk8mesEkLQgFkhA2
date
Thu, 04 Jan 2024 19:31:53 GMT
via
1.1 f0a9678a89ea6fb10debcb7507e49828.cloudfront.net (CloudFront)
last-modified
Sat, 30 Dec 2023 20:56:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD12-P2
age
21405
x-amz-server-side-encryption
AES256
etag
"b0688aef353f82e201bfae7dcaad7079"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
12490
x-amz-cf-id
NU35l9tttlMFU-rfeENGqv0ftFnvvivK049u_h5VJWJgGPcC6n2npg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ Frame F936 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 13:54:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
41629
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138203
x-xss-protection
0
server
cafe
etag
14959461090202361603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 03 Jan 2025 13:54:48 GMT
1ad7261b-91ea-4b6f-b9e9-b83522205b75
config.aps.amazon-adsystem.com/configs/ Frame F936 		564 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-101.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
91278effc2efd0683e1382586d5267ac73476a7491f582c759f4efc5d386e49c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:54:32 GMT
via
1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
2045
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
OcajMdNB9vjNJMrBygjqx8ch0jU_fgV4g8mhjTUwVi3iP7n6thFo6g==
config
c.amazon-adsystem.com/cdn/prod/ Frame F936 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
Server /
Resource Hash
09b09bf20f7f7f38329fe07b79ede959c60dffe1cc32a95dcf22ffc3bf3ff844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:57:12 GMT
via
1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C1
age
1885
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3861
x-amz-cf-id
60HNfmTqmQ2LCo54MqNCY_pfkqTiCL4r6w1uCEhYuVCkRfEfw3VLLw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame F936 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 13:08:23 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 71f1cca040033ebffc591cf9392d1528.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
age
44415
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
knn55x88YjPQEp1e89WhN69yAC0ycfpbIEXBfYqe1hQu57Wcb-NGmQ==
usync.js
eus.rubiconproject.com/ Frame 420C 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12346
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-123718506-11&cid=495654607.1704418108&jid=269797655&_u=aDDAAUIZAAAAACAMI~&z=1893510228
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A739 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12346
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2E5E 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fhonolulustar-advertiser-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214055123-YAMFxqR3qCYbUd0e%26schain%3Dstnvideo.com%2CSTN_0001779%26content%3D13512%26placementType%3DPremium%26embed%3Dy3roexcY%26domain%3Dstaradvertiser.com%26player_size%3Dsmall%26player_width%3D300%26player_height%3D169%26player_type%3Dfloat%26smartmatch%3Dno%26version%3D7.29.3-U%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00392%26rand%3D4%26uhr%3D15%26us_privacy%3D1---%26keywchk%3Dok&url=https%3A%2F%2Fwww.staradvertiser.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=250000&vrid=1263268&us_privacy=1---&hl=en&cmsid=2631244&plcmt=2&vconp=2&video_doc_id=3287948&vpa=auto&vpmute=1&cnc=5136785&kfa=0&tfcd=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&gdpr=0&sdki=445&ptt=20&adk=2637527540&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=91645F80-E325-4D16-891B-F5C4D65C6084&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&top=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&loc=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&dlt=1704418103961&idt=8723&dt=1704418117263&cookie=ID%3Dd5d9bc13cd177aaf%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_MZ4BZolVYIVHU4en5ncGzXTq6T5rg&gpic=UID%3D00000db0f4ed2e2f%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_Masyh_oFPy02WMRXLg2ivGrwvOkVA&correlator=1266727812956496&scor=665569721599138&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame E96A 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
latest.json
origami.secure.ownlocal.com/origami_configs/bca583e0-ec70-45bd-8473-36cbb875dfdb/ Frame E3AD 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/bca583e0-ec70-45bd-8473-36cbb875dfdb/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0cc9ffb5a22f2ea2051caacd447504c85147aa892b52dce535fabf02b32de935

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
age
0
x-guploader-uploadid
ABPtcPoQSFwMHc3K1hnUhmO3TUFqkWshuQ-R9J7dyxkWJGS4VP8C8rUTiRUhIF8DNVOkZ_H-RrvUZV9N9Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
bca583e0-ec70-45bd-8473-36cbb875dfdb
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2780
last-modified
Thu, 04 Jan 2024 07:32:32 GMT
server
UploadServer
etag
"1f37b2addcb25fe35a94af9a2b7a6836"
x-goog-generation
1704007973711642
x-goog-hash
crc32c=D3qywg==, md5=HzeyrdyyX+NalK+aK3poNg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2780
accept-ranges
bytes
content-type
application/json
expires
Fri, 05 Jan 2024 02:28:37 GMT
latest.json
origami.secure.ownlocal.com/origami_configs/2beb8391-8ca8-4682-89f0-55982dbb48a6/ Frame 238D 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/2beb8391-8ca8-4682-89f0-55982dbb48a6/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9f42bd1596531e9f89a68c49209c00def34e9c7ba20bcfc97df8d5005633c74a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
age
0
x-guploader-uploadid
ABPtcPovfWNGVbW2RPrptv4KySTE7NYHXwz6Rjd0nEqK2H3gUHg4TPGwf0TJORsa-FkWrsAJpDJafthzpQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
2beb8391-8ca8-4682-89f0-55982dbb48a6
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2327
last-modified
Thu, 04 Jan 2024 07:32:33 GMT
server
UploadServer
etag
"611d21acb9e118715d54c62546823268"
x-goog-generation
1703835164646774
x-goog-hash
crc32c=dW8BQg==, md5=YR0hrLnhGHFdVMYlRoIyaA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2327
accept-ranges
bytes
content-type
application/json
expires
Fri, 05 Jan 2024 02:28:37 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 81DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECemyniuPJpgJFg_geX-kIU&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECemyniuPJpgJFg_geX-kIU&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdF6F2Fi15q7P2a4qLGk3KtfzDNUo0I7wgcdSoxz4DnBt8pA%2FbSExybdJ40bZHwMRLnhmGPZ5qlrwm2%2F%2FeDooMIQZQq%2BVzF%2FPUltIeqN9a9o6TYjnJrjKLarGagTE%2BBAQfAvfKciLxx7uA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2131a4825a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECemyniuPJpgJFg_geX-kIU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 81DE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7386633197929965226
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7386633197929965226
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8rX09awiL4g%2FFtY4zHNlJweyai0FkG8%2BKmA8hclX8DUZNMsJik0scAGKCGRiU7pTIdV9zKfaSDrMrfBAa8OSUl9jE8ud2Ej59F5FVdYddTBYEdBmIyXqxrCRLNlJ0pNFd2068tx6CsUIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f213db7d25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
an-x-request-uuid
ea99e457-6be4-483d-85e6-6225bcc2a1f7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 81DE 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 81DE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAQHk7LLrYAABaDzK28HA&expiration=1705627717
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAQHk7LLrYAABaDzK28HA&expiration=1705627717
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5bYf0yQgp2ygFDFqDQpyzC%2Fqkr7LQFMADKk%2F0y1byGjCrsYOKqjhLZsAHiIHVE9C21jDViuowHMSy0hjEPhj1x%2BjH3HKvI5Jvgy3KTl4l7A7QAO17lhjyXBZqVMA79tIUMD8dLnzRa1FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f214fd9f25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAQHk7LLrYAABaDzK28HA&expiration=1705627717
Date
Fri, 05 Jan 2024 01:28:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tp_out
d.adroll.com/cm/index/ Frame 81DE 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:f86a:1dc2:9c08:7629 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum.casalemedia.com/ Frame 81DE
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504518
43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504518
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQskhsCK7s0NrzRSPaNtwxF9XfkmJpFT1if%2BnsQ32aFV%2BbuhDFMKA3YrRhxNKLzrLMaaGTGnuId7binsTHPl1sAjzlwBxGRbydfr6ywsahz%2BFW2awaLrZLLbDcv%2FM9%2FCNl3TjYnj"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f21708d125a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504518
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum.casalemedia.com/ Frame 81DE
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_c053429087de436daa35a
43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_c053429087de436daa35a
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qG8oYMyPq91czI%2BLdH%2F3HSNLT4NeIDeXzIymeDcW%2B1kGGVOBpHdc8M14634NZM3j1ia3166AeGBKMPYAVxKASnR0jWgsugXZjwoKQHUQRqzWii0egYGGelK8BPtwbzStPaKxpZO"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f21718da25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_c053429087de436daa35a
date
Fri, 05 Jan 2024 01:28:37 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
live_intent_sync
x.dlx.addthis.com/e/ Frame 81DE
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZdbPwCgEoqR40X4NR82pgAA%261641&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0e521442-191b-476e-bd4b-7f1dc324ebc5
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0e521442-191b-476e-bd4b-7f1dc324ebc5&rd=Y
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0e521442-191b-476e-bd4b-7f1dc324ebc5&rd=Y
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H2
Server
23.45.145.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-145-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:38 GMT
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0e521442-191b-476e-bd4b-7f1dc324ebc5&rd=Y
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Fri, 05 Jan 2024 01:28:38 GMT
um
u-iad04.e-planning.net/ Frame 81DE 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=486214773fce3e9d&uid=ZZdbPwCgEoqR40X4NR82pgAA%261641
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:38 GMT
content-type
image/gif
d654ff413a956ee0f71628ada3896a9ca05828c
knottyswing.com/send/b201206750e2e/ 		295 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://knottyswing.com/send/b201206750e2e/d654ff413a956ee0f71628ada3896a9ca05828c
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
2069952c4a2112f8318fb9df910a123fce2ab2b572c872f44866118b645cee03
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 05 Jan 2024 01:28:37 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
x-hostname
fen-hoothoot-us-east1-b72j
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 05 Jan 2024 01:28:36 GMT
tap.php
pixel.rubiconproject.com/ Frame 54D8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/87Zs5s3RxBq05OKOY_tK_Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pBSrTt9E2oIv..54v92zr7eWUH7GHoFmOKBIWw--~A
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pBSrTt9E2oIv..54v92zr7eWUH7GHoFmOKBIWw--~A
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 05 Jan 2024 01:28:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pBSrTt9E2oIv..54v92zr7eWUH7GHoFmOKBIWw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 54D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPuCkuvPMCHCm3sJrsv6s-4&google_cver=1
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPuCkuvPMCHCm3sJrsv6s-4&google_cver=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPuCkuvPMCHCm3sJrsv6s-4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 54D8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dsfs3nqeRrq0Kt9CKrR-1Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dsfs3nqeRrq0Kt9CKrR-1Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dsfs3nqeRrq0Kt9CKrR-1Q
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H4JSYNCGBPAAB90DC34Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dsfs3nqeRrq0Kt9CKrR-1Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 54D8 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8BMS65ZZS74MRH4EASDN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 54D8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=&expires=30
date
Fri, 05 Jan 2024 01:28:37 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 54D8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFaWUo3WTUtMjgtSjJIOQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOUJi9DC_Vw5thA3Eua916g&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFaWUo3WTUtMjgtSjJIOQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFaWUo3WTUtMjgtSjJIOQ==&google_push=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFaWUo3WTUtMjgtSjJIOQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 54D8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQZYJ7Y5-28-J2H9&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQZYJ7Y5-28-J2H9&ex=d-rubiconproject.com&status=ok
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EV3ZY4677FKF9VRB2WDF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQZYJ7Y5-28-J2H9&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
setuid
px.ads.linkedin.com/ Frame 54D8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQZYJ7Y5-28-J2H9
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 623ED4917D1643CF8A950BFB3B8CC430 Ref B: MIAEDGE2707 Ref C: 2024-01-05T01:28:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOKMR34z+peAQSbCHVow==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQZYJ7Y5-28-J2H9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 54D8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzZlM2JlNmMwNDBlODA3MWYxOGMyNjIzN2I5NTI5YTZkODE5NjA0Yw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzZlM2JlNmMwNDBlODA3MWYxOGMyNjIzN2I5NTI5YTZkODE5NjA0Yw
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzZlM2JlNmMwNDBlODA3MWYxOGMyNjIzN2I5NTI5YTZkODE5NjA0Yw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 54D8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAQHk7LLrYAABaDzK28HA&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAQHk7LLrYAABaDzK28HA&expires=30
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAQHk7LLrYAABaDzK28HA&expires=30
Date
Fri, 05 Jan 2024 01:28:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
receive
pixel.tapad.com/idsync/ex/ Frame 54D8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQZYJ7Y5-28-J2H9
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQZYJ7Y5-28-J2H9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
magnite
prebid.a-mo.net/setuid/ Frame 54D8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQZYJ7Y5-28-J2H9
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
pixel
capi.connatix.com/us/ Frame 54D8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQZYJ7Y5-28-J2H9&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQZYJ7Y5-28-J2H9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQZYJ7Y5-28-J2H9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8407f217bf2a742a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 05 Jan 2024 01:28:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQZYJ7Y5-28-J2H9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8407f2171e29742a-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 54D8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQZYJ7Y5-28-J2H9
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQZYJ7Y5-28-J2H9
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQZYJ7Y5-28-J2H9&ckls=true&ci=20XGSSSz8S&nc=false&trid=-281618865
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQZYJ7Y5-28-J2H9&ckls=true&ci=20XGSSSz8S&nc=false&trid=-281618865
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
8Pk1MeIn-pbvBDbiIGFkPA_aEzoqCaUWh998LxG5NrRDsfymr2z8rQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQZYJ7Y5-28-J2H9&ckls=true&ci=20XGSSSz8S&nc=false&trid=-281618865
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
7-i-KIX4bicvqKb99L7HUcrQIof7mWdmQ49Ty2tYgeZI6nj8uLOgZg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 54D8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
an-x-request-uuid
677939e8-671e-46d2-8fbb-d20591013338
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
cksync
hb.yahoo.net/ Frame 54D8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQZYJ7Y5-28-J2H9&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQZYJ7Y5-28-J2H9&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS04RW4zQVoxRTJ1RjFVaTNFeHNaeUd6dW0yRU40emxLaH5B&ovsid=LQZYJ7Y5-28-J2H9&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS04RW4zQVoxRTJ1RjFVaTNFeHNaeUd6dW0yRU40emxLaH5B&ovsid=LQZYJ7Y5-28-J2H9&dpid=58160
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
23.45.13.203 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-13-203.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 05 Jan 2024 01:28:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Fri, 05 Jan 2024 01:28:39 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS04RW4zQVoxRTJ1RjFVaTNFeHNaeUd6dW0yRU40emxLaH5B&ovsid=LQZYJ7Y5-28-J2H9&dpid=58160
date
Fri, 05 Jan 2024 01:28:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame BA4E 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12346
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
usync.js
eus.rubiconproject.com/ Frame 58FA 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12346
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
usync.js
eus.rubiconproject.com/ Frame E8A1 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12346
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
merge
ce.lijit.com/ Frame 0C9E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQZYJ7Y5-28-J2H9
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
v1
match.sharethrough.com/sync/ Frame 0C9E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQZYJ7Y5-28-J2H9
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
34.235.75.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-75-11.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 0C9E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6adc7340-ca96-462d-b37b-baa1d1730357&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6adc7340-ca96-462d-b37b-baa1d1730357&expires=30
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6adc7340-ca96-462d-b37b-baa1d1730357&expires=30
Date
Fri, 05 Jan 2024 01:28:37 GMT
Connection
keep-alive
X-CI-RTID
dcf13195-592d-4da7-b936-f7ab0a0176ff
Content-Length
144
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 0C9E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5394353749448417114
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5394353749448417114
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5394353749448417114
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 0C9E
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=d32de12f-65c3-42c1-a39f-1a86978ca970
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=d32de12f-65c3-42c1-a39f-1a86978ca970
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
Track001-iad
pragma
no-cache
date
Fri, 05 Jan 2024 01:27:40 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=d32de12f-65c3-42c1-a39f-1a86978ca970
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 0C9E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-tBDgfwlV_hvwp42xPpc4iaEdkY
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-tBDgfwlV_hvwp42xPpc4iaEdkY
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-tBDgfwlV_hvwp42xPpc4iaEdkY
Date
Fri, 05 Jan 2024 01:28:37 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 0C9E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQZYJ7Y5-28-J2H9
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 0C9E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8b8293d3-9878-4b12-9ae2-54436c2413c7
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8b8293d3-9878-4b12-9ae2-54436c2413c7
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8b8293d3-9878-4b12-9ae2-54436c2413c7
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
699318
content-length
0
expires
Fri, 05 Jan 2024 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0C9E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7898252983751812422&expires=60&gdpr=&gdpr_consent=
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7898252983751812422&expires=60&gdpr=&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7898252983751812422&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 0C9E
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7386633197929965226&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7386633197929965226&expires=30
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:37 GMT
an-x-request-uuid
cf689662-54a3-4f73-86c7-3bb19cd55175
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7386633197929965226&expires=30
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
sync.targeting.unrulymedia.com/csync/ Frame 0C9E
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&rndcb=8977114046
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=adconductor&bidswitch_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=eddd68999dcc1d60778e9f151f440da6&expires=30&ssp=adconductor&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://sync.1rx.io/usersync/bidswitch/f23bd312-5bb6-424a-95e9-d15220f0e7dc?gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
esync
token.rubiconproject.com/ Frame 0C9E
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 05 Jan 2024 01:28:37 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
143
match.deepintent.com/usersync/ Frame 0C9E 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/143
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:37 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
tap.php
pixel.rubiconproject.com/ Frame 0C9E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly
  • https://sync.1rx.io/usersync/rubicon/LQZYJ7Y5-28-J2H9
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-1b1c05a4-a7cb-40...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&expires=30
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&expires=30
date
Fri, 05 Jan 2024 01:28:38 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1b1c05a4a7cb4073855993f6a89d18e6005
content-type
text/html
setuid
s2s.t13.io/ Frame 0C9E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
86 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
redirect
exchange.mediavine.com/usersync/ Frame 0C9E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQZYJ7Y5-28-J2H9
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
50.17.122.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-122-21.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
quant.js
secure.quantserve.com/ Frame F936 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 12 Jan 2024 01:28:37 GMT
loader.js
static.anonymised.io/light/ Frame F936 		448 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.anonymised.io/light/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
054bf6e0dd3f847b3c45a2898df3fdfe0b3ed188feb4982d628407d967d1cac4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:35:07 GMT
content-encoding
gzip
age
1522410
x-guploader-uploadid
ABPtcPp0k_mRumy9nqRBs4Pni4HoAkWlyX3h-TLn_mljJAZJk7FWm2CEYxk3oiafhyHOadjsc-hSZLkk1g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
last-modified
Mon, 18 Dec 2023 10:35:02 GMT
server
UploadServer
etag
"ffc7c62287b023d06b1f29d8bb985c14"
x-goog-generation
1702895702367949
x-goog-hash
crc32c=U6alag==, md5=/8fGIoewI9BrHynYu5hcFA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-transform
x-goog-stored-content-length
313
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 17 Dec 2024 10:35:07 GMT
pr
s.amazon-adsystem.com/v3/ Frame 2EE5 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a8cc48141370dac9626dd5acaba17101a74b9b7afc54d50a70c650cb00e8e789
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3613
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 05 Jan 2024 01:28:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
TTN211QT12SWGE8VARV7
bid
aax.amazon-adsystem.com/e/dtb/ Frame F936 		786 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&pid=8RnG0lo1NFFJN&cb=0&ws=728x90&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%2254c4ac53-0f96-43ce-b6fd-e12dbd6c2078%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21722279357%2F728x90_ob_staradvertiser%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!adapex.io%2Cs1956%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%2295d1454d-e53e-46b3-b4de-3341491a2a03%22%2C%22audigent%22%3A%22%257B%2522hadronId%2522%253A%2522060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%2522%257D%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.66.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-66-130.iad12.r.cloudfront.net
Software
Server /
Resource Hash
73744d9b3394754670b93de4b688cda23c6a21eac763b618c0b94d254c6823c1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7699e4f17e72e42cba0c247c650005d2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P1
x-amz-rid
NJV6CT760N4T7GTEFBT7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
786
x-amz-cf-id
dSMRkYfak8Rw3Pa2FYJuUgxgMxq-PqyzLRdomLsVHUpflLlDIZlewQ==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
6YY1NAZGMPDHS1VK
age
3177449
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8407f2141ec19abd-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
J77991lmUc40czOifUPeVmbHudT3k1PgN3u6uCxuzBz8NpqEqB/FqhIigAcgKzxViu6VXwaxg2A=
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d0e98bf6b55649ceb5eb9fc9add99d32b5a3e1bef7af78138b5ac4d82838776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29211
x-xss-protection
0
server
cafe
etag
826 / 19727 / m202312070101 / config-hash: 147569701560198365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:28:37 GMT
khaos.json
token.rubiconproject.com/ Frame 8530 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
khaos.json
token.rubiconproject.com/ Frame 0868 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
www.google.com/js/bg/ Frame E5BB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c8pisbjflbue
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:59:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
16134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 20:59:43 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E5BB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 20:10:21 GMT
x-content-type-options
nosniff
age
105496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 10 Jan 2024 20:10:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E5BB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c8pisbjflbue
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:08:29 GMT
x-content-type-options
nosniff
age
220808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 12:08:29 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E5BB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c8pisbjflbue
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:33:44 GMT
x-content-type-options
nosniff
age
474893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 13:33:44 GMT
lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
www.google.com/js/bg/ Frame FE25 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=x9nb1jn75hou
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:59:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
16135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 20:59:43 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FE25 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 20:10:21 GMT
x-content-type-options
nosniff
age
105497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 10 Jan 2024 20:10:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FE25 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=x9nb1jn75hou
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:08:29 GMT
x-content-type-options
nosniff
age
220809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 12:08:29 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FE25 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=x9nb1jn75hou
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:33:44 GMT
x-content-type-options
nosniff
age
474894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 13:33:44 GMT
/
de.tynt.com/deb/ Frame DDE0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
1a5242cb262bd80d7868f099739785677f29eea40168a214a3a1449e8da8b2b6

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2206
content-type
text/html
date
Fri, 05 Jan 2024 01:28:37 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:38 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8340000A
sync
ssbsync.smartadserver.com/api/ Frame E179 		919 B
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.36 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
547fdd911a5d3926c771295f981018f059209b1acf25c9e5c6c67f915002fbd5

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
919
content-type
text/html
date
Fri, 05 Jan 2024 01:28:37 GMT
loader
api.retargetly.com/ Frame CF76 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.retargetly.com/loader?id=1473
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a2c6e2df944df207d9221529b4957d8a010369c75d9fe3863379bef02e728dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
public, max-age=604800
cf-ray
8407f2172d3074a0-MIA
expires
Fri Jan 12 2024 01:28:38 GMT+0000 (Coordinated Universal Time)
dcm
s.amazon-adsystem.com/ Frame 9D63 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=A0864502-06A0-4ED8-A79E-7CD263E71299&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MPEQF32ZE72CC2MP4N05
ImgSync
image8.pubmatic.com/AdServer/ Frame A363
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBUUhrN0xMcllBQUJhRHpLMjhIQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAAQHk7LLrYAABaDzK28HA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6066353311403014312&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAAQHk7LLrYAABaDzK28HA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6066353311403014312%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6066353311403014312&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
  • https://sync.technoratimedia.com/services?uid=AAAQHk7LLrYAABaDzK28HA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6066353311403014312%26gdpr%3D0%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6066353311403014312&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAQHk7LLrYAABaDzK28HA&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 05 Jan 2024 01:28:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 14:52:22 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame A59D
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_c053429087de436daa35a
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 05 Jan 2024 01:28:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 05 Jan 2024 01:28:36 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 1E4E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7386633197929965226&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 01:40:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 05 Jan 2024 01:28:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 252A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c13636fe-ab69-11ee-b47c-6e5120466e9f
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 05 Jan 2024 01:28:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 05 Jan 2024 01:28:39 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 838F 		85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 05 Jan 2024 01:28:38 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760049-MIA
x-timer
S1704418118.255782,VS0,VE26
Pug
image2.pubmatic.com/AdServer/ Frame AF0E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AagteAL_IHkaqSR2B6o5LFX4ISkarXUsVazYg6Tx
42 B
567 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AagteAL_IHkaqSR2B6o5LFX4ISkarXUsVazYg6Tx
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 05 Jan 2024 01:28:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:38 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AagteAL_IHkaqSR2B6o5LFX4ISkarXUsVazYg6Tx
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
ImgSync
image8.pubmatic.com/AdServer/ Frame ED87
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=&gdp...
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=3f6eae77-8436-31c0-ac70-7d1572b10ec2&ssp=pubmatic&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 05 Jan 2024 01:28:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 05 Jan 2024 01:28:38 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame CB84
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:wEAGKYle1Rlz0J5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 05 Jan 2024 01:28:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 14:21:47 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 2D96
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 05 Jan 2024 01:28:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 14:53:20 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame BCCC
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=b9e4ff91-bb58-47f1-b815-3c3079feda17&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A0864502-06A0-4ED8-A79E-7CD263E71299
42 B
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.188.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-188-37.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:40 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 05 Jan 2024 01:28:39 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A0864502-06A0-4ED8-A79E-7CD263E71299
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 0681
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1813050728247349171
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1813050728247349171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 05 Jan 2024 01:28:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 05 Jan 2024 01:28:38 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1813050728247349171
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 7F04
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 05 Jan 2024 01:28:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:38 GMT
expires
Fri, 05 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
8230206
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
i.match
s.tribalfusion.com/z/ Frame 737B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8407f2211f9a5f20-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 05 Jan 2024 01:28:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8407f21e6a2d5f20-MIA
content-type
text/html
date
Fri, 05 Jan 2024 01:28:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
478
Pug
image2.pubmatic.com/AdServer/ Frame FA37
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6f38051ae3b444a4aea786afd04874f0
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6f38051ae3b444a4aea786afd04874f0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 05 Jan 2024 01:28:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6f38051ae3b444a4aea786afd04874f0
pragma
no-cache
server
Tengine
ImgSync
image8.pubmatic.com/AdServer/ Frame 11DD
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=872817532029
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 05 Jan 2024 01:28:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 05 Jan 2024 01:28:39 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 1423
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 05 Jan 2024 01:28:38 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
ImgSync
image8.pubmatic.com/AdServer/ Frame C716
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KFJ8PyxrAC6Nv899R1uXZQ
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 05 Jan 2024 01:28:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 05 Jan 2024 01:28:39 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pubmatic
ad.mrtnsvr.com/sync/ Frame 4616 		0
0
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/pubmatic/ Frame 24B2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/pubmatic/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
8407f21709c8db05-MIA
date
Fri, 05 Jan 2024 01:28:38 GMT
server
cloudflare
vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3ADB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oIZFAgagTtinnnzSY-cSmQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=71422
accept-ranges
bytes
content-length
5622
expires
Fri, 05 Jan 2024 21:19:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 3ADB
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A0864502-06A0-4ED8-A79E-7CD263E71299
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=4997edfe-4ce1-4693-848f-c8b66f02f74e&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=52484525425390576564160136390183098686&pt=4997edfe-4ce1-4693-848f-c8b66f02f74e%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=52484525425390576564160136390183098686&pt=4997edfe-4ce1-4693-848f-c8b66f02f74e%2C%2C
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

dcs
dcs-prod-va6-1-v053-0b494a491.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
sK4eGOOERdo=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=52484525425390576564160136390183098686&pt=4997edfe-4ce1-4693-848f-c8b66f02f74e%2C%2C
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 3ADB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20A0864502-06A0-4ED8-A79E-7CD263E71299&rnd=RND
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 3ADB 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=A0864502-06A0-4ED8-A79E-7CD263E71299&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 3ADB
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:38485CB5441247569104AE4050593124
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Fri, 05 Jan 2024 01:28:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 3ADB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:38 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
A0864502-06A0-4ED8-A79E-7CD263E71299
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3ADB 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A0864502-06A0-4ED8-A79E-7CD263E71299?gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 3ADB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A0864502-06A0-4ED8-A79E-7CD263E71299&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HJznAO9E2uXaESYhcgBswZaynXymPos-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HJznAO9E2uXaESYhcgBswZaynXymPos-~A&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:51:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HJznAO9E2uXaESYhcgBswZaynXymPos-~A&gdpr=0
date
Fri, 05 Jan 2024 01:28:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 3ADB
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=6adc7340-ca96-462d-b37b-baa1d1730357&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:37 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 3ADB
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504518&nuid=A0864502-06A0-4ED8-A79E-7CD263E71299&...
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:37 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 3ADB 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.16.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-16-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
sn.ashx
pmp.mxptint.net/ Frame 3ADB
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10EC9D624_9826E577&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-387422920; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:39 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-387422920; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Fri, 05 Jan 2024 01:28:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 3ADB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Fri, 05 Jan 2024 01:28:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 3ADB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7898252983751812422&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:37 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame 3ADB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5394353749448417114
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:37 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
csi
csi.gstatic.com/ Frame 2E5E 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqzyjc4e&c=5102184516937&slotId=2551092258468.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1004::5e Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame F936 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-29-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 05 Jan 2024 01:43:38 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame F936 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-85.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 21:34:44 GMT
content-encoding
gzip
via
1.1 bdf2aab533e801e16a7a135842a2ee18.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
14036
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
-kbR1Tm_53-S3zldzhkVXauUH1gnsTv9-KlBo2U-I-5L1Bxr8YV4EQ==
ima.js
cdn-ima.33across.com/ Frame F936 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
67495
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8407f2180c6e4982-MIA
expires
Mon, 08 Jan 2024 01:28:38 GMT
hadron.js
cdn.hadronid.net/ Frame F936 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ref=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&_it=amazon&partner_id=405
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
6568
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8407f21808619ae5-MIA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame F936 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
S1SEA8ZWV1HAVCHH
age
26
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8407f21fdece09c2-MIA
x-amz-id-2
ZWTe/vgiRpe51FuvWTLieqCbWPmAIYd15ldfqmR4pgDlef6UqeD3GeITLJJCiaykyLPeWjStC80KitU+UX8CeA==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame F936 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-29-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Fri, 05 Jan 2024 01:43:38 GMT
ecm3
s.amazon-adsystem.com/ Frame 2EE5
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f23bd312-5bb6-424a-95e9-d15220f0e7dc
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5NHD1CHF9YY0RKWAWAHK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 2EE5
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=d08b0939-e7dd-47e1-a1ce-13919d351d77
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=d08b0939-e7dd-47e1-a1ce-13919d351d77
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MPW1CWK6TA3G1XWBHP8R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=d08b0939-e7dd-47e1-a1ce-13919d351d77
date
Fri, 05 Jan 2024 01:28:38 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 2EE5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.5%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=2189794078
  • https://sync.1rx.io/usersync3/centro/2069.5/d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553?zcc=0&sspret=1&rndcb=2189794078
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005%26ex%3Dr...
  • https://s.amazon-adsystem.com/ecm3?id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&ex=rhythmone.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&ex=rhythmone.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
709KE113PZ9RBDF0WJ2K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&ex=rhythmone.com
date
Fri, 05 Jan 2024 01:28:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1b1c05a4a7cb4073855993f6a89d18e6005
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame 2EE5
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=44e38e5e65
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=44e38e5e65
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MWJ99V784RCM3ZKRV1FJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:27:42 GMT
via
1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
age
57
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=44e38e5e65
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
p5BLhm3hwGGG-g61Vs773OaDQ7ynFMKGNR11JqXM6FYOMp-gKawzcA==
/
onetag-sys.com/match/ Frame 2EE5 		0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 2EE5
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=8EE54A40A4D44D4E95BBF6D40223C82E&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=8EE54A40A4D44D4E95BBF6D40223C82E&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JHA28807FYN9DBS9TSJ8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=8EE54A40A4D44D4E95BBF6D40223C82E&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 04 Jan 2024 01:28:39 GMT
ecm3
s.amazon-adsystem.com/ Frame 2EE5
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2276f7b82e2lucx800lqzyji0f
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2276f7b82e2lucx800lqzyji0f
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T5QTQEKSSKMVE69QG7QC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:39 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2276f7b82e2lucx800lqzyji0f
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 2EE5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=BUe8t8AGKClBFU9g5GxQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=BUe8t8AGKClBFU9g5GxQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
505D4NPPNBJ9QZQ4E6N3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=BUe8t8AGKClBFU9g5GxQ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E5BB 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c8pisbjflbue
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=c8pisbjflbue
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 05 Jan 2024 01:28:38 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&f_privb=0&tid=f80c862b-8c66-47aa-aa39-a67b7e7c94e8&pid=aa0ee584-5894-413a-b029-99e46ffd74d9&dtm=1704418118440&qnm=_matherq&visible=1&tabid=9b460c08-7e4c-4a25-b3d6-c10ee41ad073&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vp=1600x1200&ds=1600x6503&tofa=1704418108&vid=1&lvidt=1704418108&duid=d68fc899d8562c3c&fp=742780693&cid=ma15446&mrk=988352900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwNDQxODEwMzU1MiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMS4ybWIiLCJoZWFwVCI6IjM3LjNtYiIsImZzdFBhaW50IjoiMTc5OSIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMTMiLCJkb21haW5FIjoiMTMiLCJjb25uUyI6IjEzIiwiY29ubkUiOiIyNjMiLCJzc2xTIjoiOTEiLCJyZXF1UyI6IjMwOCIsInJlc3BTIjoiNDA1IiwicmVzcEUiOiI1MjkiLCJkb21Mb2FkIjoiNDA5IiwiZG9tSW50ZXIiOiIzNzg1IiwiZG9tTG9hZFMiOiIzNzk1IiwiZG9tTG9hZEUiOiIzODU3In19
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.22.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-22-220.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 05 Jan 2024 01:28:38 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cs
cs.yellowblue.io/ Frame 8530
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr_consent=undefined&gdpr=0&khaos=LQZYJ7Y5-28-J2H9
  • https://cs.yellowblue.io/cs?aid=11590&id=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
34.202.106.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-106-54.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/rubicon/ Frame 0868
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator&khaos=LQZYJ7Y5-28-J2H9
  • https://ex.ingage.tech/v1/syncPage/rubicon?uid=LQZYJ7Y5-28-J2H9
  • https://ex.ingage.tech/v1/sync/rubicon/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=LQZYJ7Y5-28-J2H9
0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/rubicon/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8407f222ffe82583-MIA
vary
Origin

Redirect headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
location
/v1/sync/rubicon/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=LQZYJ7Y5-28-J2H9
access-control-allow-credentials
true
cf-ray
8407f221ee352583-MIA
content-length
0
webworker.js
www.google.com/recaptcha/api2/ Frame FE25 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=x9nb1jn75hou
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=x9nb1jn75hou
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 05 Jan 2024 01:28:38 GMT
khaos.json
token.rubiconproject.com/ Frame FFC3 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
khaos.json
token.rubiconproject.com/ Frame 124B 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
khaos.json
token.rubiconproject.com/ Frame E482 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
khaos.json
token.rubiconproject.com/ Frame 484B 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
cx-overlay.js
tags.qortex.ai/cxo/ 		127 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/cxo/cx-overlay.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9fba1b0797e04bb4e94dffcf9068f89e75b4fa5569dc9efcb5aa72275435457b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
149
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1iJJ0EaN%2Fv4qr%2BazCoMFkskXEW1DIs63QgFrI8e3c9a4kHm5ON9%2BDyYq1VSoJthCVdMX%2BX3bXsjqrziUfESa4H0C6slwG7MFCSJj7ig88CbzHLAFeLtz1v%2BHKDKo3A%2BerUEYi8GeJmFJ14y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8407f218ea224c0f-MIA
/
onetag-sys.com/usync/ Frame 14E0 		2 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame CF76 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-85.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 21:35:33 GMT
content-encoding
gzip
via
1.1 bdf2aab533e801e16a7a135842a2ee18.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
13987
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
SstIh-lXzknRQVEXz5MaTr_yHYB2uFOtTVNSqM8qvToVNcIgZ0epzA==
15581
rtb.gumgum.com/usync/ Frame B216 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.45.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-45-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
91ff11c192717c480ffd2c9f6627e8f42751c00daaf242a48c6025f54d1d027a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 05 Jan 2024 01:28:39 GMT
etag
W/"0e791af1e7861a54492d274bde5409619"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame B73C 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
f88ce80c046186ec6091f3f736524a2a44a21ab4d5989161cfdbf8896e5836d2

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1445
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:39 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame E179 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=6066353311403014312&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame E179
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NjA2NjM1MzMxMTQwMzAxNDMxMg==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBxZa7EzIOj-2rgMQZMYP64&gdpr=0&gdpr_consent=&google_cver=1
43 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBxZa7EzIOj-2rgMQZMYP64&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBxZa7EzIOj-2rgMQZMYP64&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame E179
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=smartadserver
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=-tBDgfwlV_hvwp42xPpc4iaEdkY&user_group=1&ssp=smartadserver&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=
Date
Fri, 05 Jan 2024 01:28:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame E179
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame E179
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=274abd0f1c
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=274abd0f1c
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 05 Jan 2024 01:28:22 GMT
via
1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
age
17
x-cache
Hit from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=274abd0f1c
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
FtevbiMGX9FklUU4DzYh7a6-rLAc2I8di8yeuq-m_k7EZadQfmOqPA==
a0fbba5e-1c66-4905-be71-54665541dba5
https://prebid.a-mo.net/ Frame B7FB 		183 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://prebid.a-mo.net/a0fbba5e-1c66-4905-be71-54665541dba5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2ac765523f05c26a3b51f6f34cc4a112262cb125c5cc4452d1cc66524f8cf96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
183
Content-Type
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=214055123&version=7.29.3-U&age=240105&ldt=NO_IMP&key=y3roexcY&c_id=13479&seq=1&order=6&vIndex=0&absoluteTime=15076.7&relativeTime=10719.6&sm_id=3287948&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=13512&load=1&status=LVFNSNIY&ac_id=2008&adIndex=-1&DS=found&prebidABS=G&prebidABC=[[1,%22control_mod_del%22],[1,%22bidder_mod%22,%220_mod%22],[1,%22bidder_del%22,%220_del%22]]&eg.enabled=false&eg.delay=15&eg.ctdwn=5&eg.vl=30&eg.mid=rm&eg.source=p6&eg.time=false
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p
sb.scorecardresearch.com/ Frame 2894 		43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1704418111065&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=34073&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3287948&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1704418118631&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=7565&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Oahu%20Publications%20Recirc&c3=sendtonews&c4=News&c6=*null&c7=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&c8=&c9=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-29.iad12.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
via
1.1 39cace2136102a575c38c82525d3b770.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
Zn9sRDTynr2AcGZpskjsFRBuhkmnI1uMc4dFm9qQnlTYWvLQiF8FaA==
events
bidder.criteo.com/csm/ Frame F936 		0
200 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:38 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ Frame F936 		670 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
cd5b17f46df8a60652af42b2a183820e11bb08ddf8ac525acfe1f4a7be9d4984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
usermatch
ssum-sec.casalemedia.com/ Frame 7C61 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94ddadb4fc553ae633ee72ce4eaa0713856fc4090fb3f7e27c9fb40445758896

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8407f21dec3a25a3-MIA
content-encoding
br
content-type
text/html
date
Fri, 05 Jan 2024 01:28:39 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXwFnkQKm6FsxzednrQsEGZUiTZNHIcMH0zHjE0Uk5c25GxbmUTt5IGJGTQAsN28r30pGJh2wILSJHK07mJzjwGmmSqZnteA8QvnRByNqXR%2FBruqXJaYfYUAODrqOk68FF3UTygOeBsNYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 9711 		829 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
188166a1f6d59bfdaff466215df4b4788c27d56cbc03a96314b49a99f41c6c12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
515
content-type
text/html
date
Fri, 05 Jan 2024 01:28:39 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
match.sharethrough.com/jwumXNuB/v1/ Frame 712C 		670 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.75.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-75-11.compute-1.amazonaws.com
Software
/
Resource Hash
e0a0c384222d54f5ef5078e845f601bce1377ce545b2541874f82711c8e56fb2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
670
date
Fri, 05 Jan 2024 01:28:39 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DB5D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71421
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:39 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 74EB 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:39 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame F936 		42 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=8.26.0&coppa=0&us_privacy=1---
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:38 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
id.a-mx.com/sync/ Frame F936 		99 B
631 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&tl=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&nf=1&rt=true&v=8.26.0&av=2.0&vg=aaw&us_privacy=null&am=fd21eeb0-4e49-4a1c-be95-c93fd2d84953&gdpr=0&gdpr_consent=
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.242.59 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/
Resource Hash
96e81b0a3347993f68b10648e08dc9ec74a05b452d08dc6498967c4b46dfdbe7

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 5 Jan 2024 01:28:38 GMT
access-control-allow-credentials
true
content-length
99
content-type
application/json
sid
mug.criteo.com/ Frame F936
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&pbt=1&lsw=1&us_privacy=1---
  • https://mug.criteo.com/sid?cpp=rIt5UXw1US92QWc3d2hnUG95aE9XdjdoZkpJOEtHMk9CMWhud1FEZm43dEs4bTA1eHdZc0Ftdy83T3JrUUhDbGxaVE9XMjBBSnhhM2pJYmRjL1VSR0s2ZDVGeVRUWkY4UGN1ZjYxVENhOGtEbDZ1U2ZQb2U0VGMydWRIK0...
469 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rIt5UXw1US92QWc3d2hnUG95aE9XdjdoZkpJOEtHMk9CMWhud1FEZm43dEs4bTA1eHdZc0Ftdy83T3JrUUhDbGxaVE9XMjBBSnhhM2pJYmRjL1VSR0s2ZDVGeVRUWkY4UGN1ZjYxVENhOGtEbDZ1U2ZQb2U0VGMydWRIK0pNY3VSdlowNHpxNXlMa0FzUEhNM2hQeXIvbTVaOGdldWpTRU8va0h1bTJVeTEyZEI1VlZpcWgvRVhobzdTSmdndzdFa09vdUZRbXBSYTNkWis1VHI2SGIxR0R1bVMvQ2YrVG40cFhxZG9KREN6bHdSVnhpZkZrYXllMXNWZWEvMTRVTzdyRCtoUmtxaThzOUZUNlNjV0pPaG5pQlQydTU5b09HMkE5bnFsTDlKSTNvTmFwZz18&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d0cb9380a208e4cddf7a93ed4ad2f7468ccc54958a3645af896ada3ad7c93c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1827621
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.staradvertiser.com
location
https://mug.criteo.com/sid?cpp=rIt5UXw1US92QWc3d2hnUG95aE9XdjdoZkpJOEtHMk9CMWhud1FEZm43dEs4bTA1eHdZc0Ftdy83T3JrUUhDbGxaVE9XMjBBSnhhM2pJYmRjL1VSR0s2ZDVGeVRUWkY4UGN1ZjYxVENhOGtEbDZ1U2ZQb2U0VGMydWRIK0pNY3VSdlowNHpxNXlMa0FzUEhNM2hQeXIvbTVaOGdldWpTRU8va0h1bTJVeTEyZEI1VlZpcWgvRVhobzdTSmdndzdFa09vdUZRbXBSYTNkWis1VHI2SGIxR0R1bVMvQ2YrVG40cFhxZG9KREN6bHdSVnhpZkZrYXllMXNWZWEvMTRVTzdyRCtoUmtxaThzOUZUNlNjV0pPaG5pQlQydTU5b09HMkE5bnFsTDlKSTNvTmFwZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
642482
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame F936 		135 B
423 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
any
idx.liadm.com/idex/prebid/ Frame F936 		50 B
461 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/any?resolve=nonId
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.63.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-63-182.compute-1.amazonaws.com
Software
/
Resource Hash
ae85455ff9cb05a60539ecd4a041e1f69bab1e90dae1126ade62dfae410bf31a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
5
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=86399, private
access-control-allow-credentials
true
trace-id
82cf2f72e70ab114
content-length
50
expires
Sat, 06 Jan 2024 01:28:39 GMT
fpc
at.teads.tv/ Frame F936 		56 B
402 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=1---&sv=prebid-v1
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fce34a2a2c349660263a2a783d95204d1abfb230be895e86b682c3be276fd5e0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:39 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
56
Expires
Fri, 05 Jan 2024 01:28:39 GMT
iu3
s.amazon-adsystem.com/ Frame B9CA 		400 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_pm-db5_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e26ca0f600387df2f74171d52a5452fc0afb33fdc09b493ab1078dac068dda5d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
400
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 05 Jan 2024 01:28:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WYWGBHCYXSJSF05P9N7G
cookie-sync
sync.outbrain.com/ Frame 8530
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQZYJ7Y5-28-J2H9&obUid=&initiator=&gdpr=0
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQZYJ7Y5-28-J2H9&obUid=&initiator=&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:39 GMT
Cache-Control
no-cache
X-TraceId
61fba5809e3e8ec28f4fedcfb71d4d7a
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQZYJ7Y5-28-J2H9&obUid=&initiator=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 8530
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQZYJ7Y5-28-J2H9&gdpr=0
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQZYJ7Y5-28-J2H9&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQZYJ7Y5-28-J2H9&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
cs
cs.yellowblue.io/ Frame 8530
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr=0
  • https://cs.yellowblue.io/cs?aid=11590&id=LQZYJ7Y5-28-J2H9&gdpr=0
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LQZYJ7Y5-28-J2H9&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
34.202.106.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-106-54.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LQZYJ7Y5-28-J2H9&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 8530
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQZYJ7Y5-28-J2H9&name=RUBICON&gdpr=0
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQZYJ7Y5-28-J2H9&name=RUBICON&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQZYJ7Y5-28-J2H9&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
match
events-ssc.33across.com/ Frame 8530
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQZYJ7Y5-28-J2H9&gdpr=0
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQZYJ7Y5-28-J2H9&ts=1704418119&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQZYJ7Y5-28-J2H9&ts=1704418119&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQZYJ7Y5-28-J2H9&ts=1704418119&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
tap.php
pixel.rubiconproject.com/ Frame 8530
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&expires=360&gdpr=0&gdpr_consent=
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&expires=360&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&expires=360&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
tap.php
pixel.rubiconproject.com/ Frame 8530
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZZdbQAAMIjwI5QBH&gdpr=0
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZZdbQAAMIjwI5QBH&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-mia-kmia1760054-MIA
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704418119.969782,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZZdbQAAMIjwI5QBH&gdpr=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 8530
Redirect Chain
  • https://um.simpli.fi/rb_match?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A0A7D3915CF44960ACE5E888F4B75986&expires=365
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A0A7D3915CF44960ACE5E888F4B75986&expires=365
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 05 Jan 2024 01:28:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A0A7D3915CF44960ACE5E888F4B75986&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 04 Jan 2024 01:28:39 GMT
tap.php
pixel.rubiconproject.com/ Frame 8530
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0
  • https://cm.adgrx.com/bridge.gif?AG_PID=rubicon&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=c13636fe-ab69-11ee-b47c-6e5120466e9f&expires=60
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=c13636fe-ab69-11ee-b47c-6e5120466e9f&expires=60
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
server
Cowboy
content-type
image/gif
location
https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=c13636fe-ab69-11ee-b47c-6e5120466e9f&expires=60
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-1
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
tap.php
pixel.rubiconproject.com/ Frame 8530
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=0
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=PXB6bdDbZGdcz6ZzOFz8t4XsnMZhMiGdLdsvN9R-tmQ&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504519&nuid=PXB6bdDbZGdcz6ZzOFz8t4XsnMZhMiGdLdsvN9R-tmQ&gdpr=0
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504519&nuid=PXB6bdDbZGdcz6ZzOFz8t4XsnMZhMiGdLdsvN9R-tmQ&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504519&nuid=PXB6bdDbZGdcz6ZzOFz8t4XsnMZhMiGdLdsvN9R-tmQ&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rubicon
tr.blismedia.com/v1/api/sync/ Frame 8530 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/rubicon?gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
ads.yieldmo.com/ Frame 8530
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo&gdpr=0
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQZYJ7Y5-28-J2H9&gdpr=0
43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LQZYJ7Y5-28-J2H9&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
52.72.225.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-225-207.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LQZYJ7Y5-28-J2H9&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
cookiesyncendpoint
sync.aniview.com/ Frame 8530
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184&gdpr=0
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQZYJ7Y5-28-J2H9&gdpr=0
0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQZYJ7Y5-28-J2H9&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQZYJ7Y5-28-J2H9&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 8530
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQZYJ7Y5-28-J2H9&gdpr=0
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQZYJ7Y5-28-J2H9&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LQZYJ7Y5-28-J2H9&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8530
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=K5XH98XlPE9c&ev=1&pid=560687&gdpr=0
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=K5XH98XlPE9c&ev=1&pid=560687&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=K5XH98XlPE9c&ev=1&pid=560687&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 8530
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7320420084116420757&expires=730&gdpr=0
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7320420084116420757&expires=730&gdpr=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7320420084116420757&expires=730&gdpr=0
Date
Fri, 05 Jan 2024 01:28:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
setuid
prebid-s2s.media.net/ Frame 0868
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
86 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
content-encoding
gzip
via
1.1 google
server
envoy
content-type
image/png
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
alt-svc
clear
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
Rubicon
crb.kargo.com/api/v1/dsync/ Frame 0868
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQZYJ7Y5-28-J2H9
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
35.174.112.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-112-174.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
i.match
s.tribalfusion.com/z/ Frame 0868
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8407f2211fa15f20-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
159
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8407f21e6a325f20-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 0868
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQZYJ7Y5-28-J2H9
0
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
35.170.7.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-7-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=2
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=872817512825&expires=30&us_privacy=1---
42 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=872817512825&expires=30&us_privacy=1---
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Access-Control-Allow-Origin
*
Location
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=872817512825&expires=30&us_privacy=1---
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://b1sync.zemanta.com/usersync/rubicon/
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=BUe8t8AGKClBFU9g5GxQ
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=BUe8t8AGKClBFU9g5GxQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=BUe8t8AGKClBFU9g5GxQ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
129
Expires
Thu, 01 Dec 1994 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://rbp.mxptint.net/sn.ashx
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CAB_10EC9D625_96FC73C6&expires=60
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CAB_10EC9D625_96FC73C6&expires=60
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R35CAB_10EC9D625_96FC73C6&expires=60
Date
Fri, 05 Jan 2024 01:28:38 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-387422919; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
227
Content-Type
text/html; charset=utf-8
usersync
e.serverbid.com/ Frame 0868
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24856
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQZYJ7Y5-28-J2H9
35 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://eus.rubiconproject.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame 0868
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQZYJ7Y5-28-J2H9
43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2606:ae80:1471:16::820 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
image/gif
cache-control
no-cache
content-length
43
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
setuid
sync.ex.co/v1/ Frame 0868
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17136_2
  • https://sync.ex.co/v1/setuid?bidder=rubicon&gdpr=&gdpr_consent=&uid=LQZYJ7Y5-28-J2H9
86 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=rubicon&gdpr=&gdpr_consent=&uid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
3.92.12.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-12-163.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 05 Jan 2024 01:28:40 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.ex.co/v1/setuid?bidder=rubicon&gdpr=&gdpr_consent=&uid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
/
csync.loopme.me/ Frame 0868
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LQZYJ7Y5-28-J2H9
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1441&vt=&uid=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
35.214.181.122 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
122.181.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
server
_

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://csync.loopme.me/?partner_id=1441&vt=&uid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=gVtlzoIMaM-aWmzAh1lxmtULaZ-aXj2a1V_K50Qk
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=gVtlzoIMaM-aWmzAh1lxmtULaZ-aXj2a1V_K50Qk
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=gVtlzoIMaM-aWmzAh1lxmtULaZ-aXj2a1V_K50Qk
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://match.adsby.bidtheatre.com/rubiconmatch
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=0f4048a3-19cf-4e08-b88a-c8eedd147483
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=0f4048a3-19cf-4e08-b88a-c8eedd147483
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=0f4048a3-19cf-4e08-b88a-c8eedd147483
Date
Fri, 05 Jan 2024 01:28:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
tap.php
pixel.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=87
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=6066353311403014312&gdpr=0&gdpr_consent=
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=6066353311403014312&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=6066353311403014312&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:38 GMT
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://rubiconcm.digitaleast.mobi/usersync/rubicon.gif
  • https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=7a63ab7b-0fb0-4bd9-af88-6c3ff434a682
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=7a63ab7b-0fb0-4bd9-af88-6c3ff434a682
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=7a63ab7b-0fb0-4bd9-af88-6c3ff434a682
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130
content-type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rubicon
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=rubicon&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=rubicon&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4dc8349b-80b8-4b94-b1a2-47e2adf7f27c&user_group=1&ssp=rubicon&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=f23bd312-5bb6-424a-95e9-d15220f0e7dc&expires=30&gdpr=&gdpr_consent=&us_privacy=
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=f23bd312-5bb6-424a-95e9-d15220f0e7dc&expires=30&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
//pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=f23bd312-5bb6-424a-95e9-d15220f0e7dc&expires=30&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 05 Jan 2024 01:28:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
p2.gcprivacy.com/v2/ Frame F936 		666 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=95d1454d-e53e-46b3-b4de-3341491a2a03&u=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&h=www.staradvertiser.com&ref=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ids=hadronid%2C060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%7Cid5%2C%257B%2522signature%2522%253A%2522ID5_AuayXuyoNDQ9A0lAleefyVlZK4CeVrI24PTFJBuO6l_8uyb271tB4_LKQ6gYB4orrvATwtk3nhNg5BFfn6NDvenSCYMvO32py_ZEGdYLCDXS5hYaEXZCPfkjBd7-Pu1_IhnFT2n2SB55gRR429U%2522%252C%2522created_at%2522%253A%25222024-01-05T01%253A28%253A36.456502798Z%2522%252C%2522id5_consent%2522%253Atrue%252C%2522original_uid%2522%253A%2522ID5*n2ORn8Ytww4wdROwvzfVtzx9De0pOkCJLnNfLo5bJRF6PrnYZXt6_ekFXQ7K9zJKej_rOLGhYnjArJKqKPGE2A%2522%252C%2522universal_uid%2522%253A%2522ID5*n2ORn8Ytww4wdROwvzfVtzx9De0pOkCJLnNfLo5bJRF6PrnYZXt6_ekFXQ7K9zJKej_rOLGhYnjArJKqKPGE2A%2522%252C%2522link_type%2522%253A0%252C%2522cascade_needed%2522%253Atrue%252C%2522privacy%2522%253A%257B%2522jurisdiction%2522%253A%2522other%2522%252C%2522id5_consent%2522%253Atrue%257D%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%252C%2522pba%2522%253A%2522w7Znm76ks6UqtlXC6kqEhA%253D%253D%2522%257D%252C%2522cache_control%2522%253A%257B%2522max_age_sec%2522%253A7200%257D%257D%7Ctdid%2C%257B%2522TDID%2522%253A%2522736096f3-a33b-4e74-a900-147a47dba0f3%2522%252C%2522TDID_LOOKUP%2522%253A%2522TRUE%2522%252C%2522TDID_CREATED_AT%2522%253A%25222023-12-05T01%253A28%253A31%2522%257D%7Csharedid%2C95d1454d-e53e-46b3-b4de-3341491a2a03%7C&v=3
Requested by
Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.113.161 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-113-161.compute-1.amazonaws.com
Software
/
Resource Hash
e07574273bf2047f5015ff4e6e05db588b780e1d2c04dad6e2d3b03e1170d4ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length
666
user-sync
sync.adkernel.com/ Frame 4012 		828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D486214773fce3e9d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
d103864d83c571ba3b0e76fc414263a4807e54e221a72b4a5226dc12d96e8521

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
828
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Jan 2024 01:28:39 GMT
Server
nginx
setuid
u.4dex.io/ Frame 0816 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=eplanning&uid=AN1gKFZr0esrL-Et
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:39 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
cm
us-u.openx.net/w/1.0/ Frame B5B7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704418118143.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
1 KB
774 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6ea2cd6ebef851c60f8dc625e1e67c26a890442f068e85c014c19cba5c6c22ad

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
755
content-type
text/html
date
Fri, 05 Jan 2024 01:28:39 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:38 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP006
x-33x-status
40000000008200000A
sync
visitor-us-east-2.omnitagjs.com/visitor/ Frame DDE0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1704418118143.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS...
  • https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212429669350874&gdpr=0&gdpr_consent=
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212429669350874&gdpr=0&gdpr_consent=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.128.106.141 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-106-141.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://visitor-us-east-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212429669350874&gdpr=0&gdpr_consent=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame DDE0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1707010119%26external_user_id%3D736096f3-a33b-4e74-a900-147a47dba0f3
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707010119&external_user_id=736096f3-a33b-4e74-a900-147a47dba0f3
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707010119&external_user_id=736096f3-a33b-4e74-a900-147a47dba0f3
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:38 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707010119&external_user_id=736096f3-a33b-4e74-a900-147a47dba0f3
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
ssc-cms.33across.com/ps/ Frame DDE0 		0
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704418118143.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:38 GMT
server
33XP020
match
events-ssc.33across.com/ Frame DDE0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&ts=1704418119&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&ts=1704418119&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&ts=1704418119&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
ssc-cms.33across.com/ps/ Frame DDE0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=-tBDgfwlV_hvwp42xPpc4iaEdkY
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=120&xu=-tBDgfwlV_hvwp42xPpc4iaEdkY
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP019 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:39 GMT
server
33XP019

Redirect headers

Location
https://ssc-cms.33across.com/ps/?xi=120&xu=-tBDgfwlV_hvwp42xPpc4iaEdkY
Date
Fri, 05 Jan 2024 01:28:39 GMT
Connection
keep-alive
Content-Length
97
Content-Type
text/html; charset=utf-8
match
events-ssc.33across.com/ Frame DDE0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704418118143.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=7386633197929965226
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=7386633197929965226
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-east-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:39 GMT
an-x-request-uuid
9160d725-dc7b-4258-9dd3-30d1e148c0b1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=214055123&version=7.29.3-U&age=240105&cmd=INV&key=y3roexcY&c_id=13479&seq=1&order=7&vIndex=0&absoluteTime=15474.7&relativeTime=11117.6&alt=0&sC_ID=13512&sm_id=3287948&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&REF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&playerCfg=FL&playerType=FLOAT
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=214055123&version=7.29.3-U&age=240105&cmd=PLAY&key=y3roexcY&c_id=13479&seq=1&order=8&vIndex=0&absoluteTime=15476.3&relativeTime=11119.2&alt=0&sC_ID=13512&sm_id=3287948&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&REF=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/&playerCfg=FL&playerType=FLOAT&pposition=home
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&pbt=1&lsw=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 05 Jan 2024 01:28:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
254367
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
10feba39-835f-4bd5-b4ae-d79be88bbade.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame E3AD 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/10feba39-835f-4bd5-b4ae-d79be88bbade.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f6d641efa4e5df993502fd85ce365108308eb74fc4a94dfa1082f17a993c237f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:38:48 GMT
age
2991
x-guploader-uploadid
ABPtcPq9rljKuaD8vWNvDK1HD-I4JCEe9Vic_Aff8P5t3KEHqLFBFKBH1O61OsfM5i9DgdZV-gQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28816
last-modified
Sun, 08 Oct 2023 22:48:43 GMT
server
UploadServer
etag
"e1e47fdc5e551433c3feae9dae68f734"
x-goog-generation
1696805323678442
x-goog-hash
crc32c=7mupEg==, md5=4eR/3F5VFDPD/q6drmj3NA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
28816
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 05 Jan 2024 01:38:48 GMT
InterVariable.woff2
rsms.me/inter/font-files/ Frame E3AD 		337 KB
338 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/InterVariable.woff2?v=4.0
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-fastly-request-id
df5a98587eefb3a50311d3b1726641d221a720c8
date
Fri, 05 Jan 2024 01:28:39 GMT
via
1.1 varnish
expires
Mon, 20 Nov 2023 16:36:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7028
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
345588
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Mon, 20 Nov 2023 16:23:03 GMT
server
cloudflare
x-github-request-id
415C:586D:6AD67:8B0B2:655B88B4
x-timer
S1700552694.223046,VS0,VE3
etag
"655b87e7-545f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8T7TEPbHVuZbyPyEcQxOif6qPyFyvMvnXbg%2BrWFMVezSI%2FmF9Qh%2B1dKeahbhHBrNTwCyQP9lwlpWfJX%2B8xyvJAaShzBmgIUh5lpqzsvi%2F6516sAyOo9k1noIkN3g9iHElTFNbAIA"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
8407f21f7f95b3d4-MIA
x-cache-hits
1
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame E3AD 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Jan 2024 01:28:39 GMT
x-content-type-options
nosniff
age
4475159
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
262440
x-served-by
cache-fra-etou8220086-FRA, cache-mia-kmia1760075-MIA
x-jsd-version-type
version
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame E3AD 		26 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1704418119444&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&page=AdForge%20Ad%20Unit&refr=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=Pacific%2FHonolulu&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=ca6202f5-b80f-46df-b7a4-39487ef3d3f7&dtm=1704418119390&vp=300x250&ds=300x250&vid=1&sid=d99f0528-3e7b-4764-aae8-d063ecc6d605&duid=e6352e41-7740-46ca-8155-85e36c8d5370&fp=742780693&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiYmNhNTgzZTAtZWM3MC00NWJkLTg0NzMtMzZjYmI4NzVkZmRiIiwiYmlkIjoiOWYyMzUwMzktY2U5Yi00MTgxLTk5Y2QtNDgxY2EzOGVkODRiIiwicGlkIjoiMTFkOGJmMDEtNGEwZC00MmYxLTljODItMzlmMWI3NzI2MjM0In19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
9fd4a409c3d9f5bce19574d532785003;o=1
function-execution-id
d81oqxqe15zl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
photo-1623689046286-01d812cc8bad
storage.googleapis.com/ownlocal-images-db/300/ Frame E3AD 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-images-db/300/photo-1623689046286-01d812cc8bad
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
72d1d5ba105ef42debc52a5057b5466b44f296513ab4e89dd887410440e2bb8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:38:48 GMT
age
2991
x-guploader-uploadid
ABPtcProItKpnRYEEUpRkNpM8BYZ8FCbJRDPN5EgsYRt0KQ-yiid6668dKUYBhUUSAzxBEg5h_0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121020
last-modified
Sun, 03 Dec 2023 08:26:35 GMT
server
UploadServer
etag
"4bea0cd3d470ebb072aab64f83d69acd"
x-goog-generation
1701591995669048
x-goog-hash
crc32c=PcLK0Q==, md5=S+oM09Rw67ByqrZPg9aazQ==
content-type
application/octet-stream
cache-control
public, max-age=3600
x-goog-stored-content-length
121020
accept-ranges
bytes
expires
Fri, 05 Jan 2024 01:38:48 GMT
bf8b9968-f71f-498b-940a-ad59bafc3893.png
storage.googleapis.com/ownlocal-adforge-production/logos/600/ Frame 238D 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-adforge-production/logos/600/bf8b9968-f71f-498b-940a-ad59bafc3893.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
60a2c0ec2e978fccb337450eb358126bba47eac9bcc6be4633fad3410e9ed62f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
age
0
x-guploader-uploadid
ABPtcPoBp9o2ELx3jRwH_XKEzSa502hkdJ3RxxUVKMLtNXW1JssBYsYFyjI0w75lr49JmA8V6kg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29652
last-modified
Tue, 24 Aug 2021 19:21:30 GMT
server
UploadServer
etag
"7d6e80a0cb8c2ecf5fcf5749ba7fa980"
x-goog-generation
1629832890472450
x-goog-hash
crc32c=66Z24A==, md5=fW6AoMuMLs9fz1dJun+pgA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
29652
accept-ranges
bytes
content-type
image/png
expires
Fri, 05 Jan 2024 02:28:39 GMT
InterVariable.woff2
rsms.me/inter/font-files/ Frame 238D 		337 KB
338 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/InterVariable.woff2?v=4.0
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-fastly-request-id
df5a98587eefb3a50311d3b1726641d221a720c8
date
Fri, 05 Jan 2024 01:28:39 GMT
via
1.1 varnish
expires
Mon, 20 Nov 2023 16:36:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7028
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
345588
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Mon, 20 Nov 2023 16:23:03 GMT
server
cloudflare
x-github-request-id
415C:586D:6AD67:8B0B2:655B88B4
x-timer
S1700552694.223046,VS0,VE3
etag
"655b87e7-545f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pgw9hopw5jzdY7eW4SmXh5ut%2BkG0olmkpB6Wo%2Fjzj5GWfzxoBBCj1HgxXXoZ1ObdzT4Ng%2FvZM3d5ufqOTN9zLZN9vYQ1p7a1DEb3eDgILhgses8%2BJk0xhMXx2fiy%2BqfJQjrWkK%2B4"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
8407f21fb831b3d4-MIA
x-cache-hits
1
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame 238D 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Jan 2024 01:28:39 GMT
x-content-type-options
nosniff
age
4475159
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
262440
x-served-by
cache-fra-etou8220086-FRA, cache-mia-kmia1760075-MIA
x-jsd-version-type
version
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 238D 		26 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1704418119584&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&page=AdForge%20Ad%20Unit&refr=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=Pacific%2FHonolulu&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=ca6202f5-b80f-46df-b7a4-39487ef3d3f7&dtm=1704418119390&vp=300x250&ds=300x250&vid=1&sid=d99f0528-3e7b-4764-aae8-d063ecc6d605&duid=e6352e41-7740-46ca-8155-85e36c8d5370&fp=742780693&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiYmNhNTgzZTAtZWM3MC00NWJkLTg0NzMtMzZjYmI4NzVkZmRiIiwiYmlkIjoiOWYyMzUwMzktY2U5Yi00MTgxLTk5Y2QtNDgxY2EzOGVkODRiIiwicGlkIjoiMTFkOGJmMDEtNGEwZC00MmYxLTljODItMzlmMWI3NzI2MjM0In19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
52c2725072eb4ae01a3b7480a3db3a29
function-execution-id
cpoywpc2q4ib
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
6da7b764-fcc8-4631-9ac2-79535cbec518.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ Frame 238D 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/6da7b764-fcc8-4631-9ac2-79535cbec518.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1f0d968838106e1d2d9f8ac88b7002f0c0db352dea74a3040bd95d83f95b98df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
age
0
x-guploader-uploadid
ABPtcPrc9hoA6YA0GMnPj_3AOfsMGvQpG8pXownORbuVc0FlvpgIuZXOT2C_HdaqKZ8KPUlmkyM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64774
last-modified
Sun, 10 Dec 2023 08:30:26 GMT
server
UploadServer
etag
"4eff30240aa33844c018bcfb57f2fd8e"
x-goog-generation
1702197026355300
x-goog-hash
crc32c=5vwEHw==, md5=Tv8wJAqjOETAGLz7V/L9jg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
64774
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 05 Jan 2024 02:28:39 GMT
32202822055745462659705d2b64346.47145170.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		410 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/32202822055745462659705d2b64346.47145170.m3u8
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a7cd0b48eda3c2337951e95cf3ede4ede520c13306510285d4b5dbbc18dde96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:42:02 GMT
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
20798
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
410
last-modified
Thu, 04 Jan 2024 19:25:02 GMT
server
AmazonS3
etag
"cc54a6fa0694766c8e9a75b56b6ded10"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
17Zvq7Y5hreG7ly762x4elcCRAmGR_eS74tFk9fvtUZX7mUdfj-Mnw==
publishertag.prebid.144.js
static.criteo.net/js/ld/ Frame F936 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 06 Jan 2024 01:28:39 GMT
visitormatch
bh.contextweb.com/ Frame 64AF 		849 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
acfb0c398087eda24c8c80f00dfd3f9f54a993d432abbd43b79c61b938be280d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
849
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
bundle.js
static.anonymised.io/light/ Frame F936 		114 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.anonymised.io/light/bundle.js?v=0.3.1r
Requested by
Host: static.anonymised.io
URL: https://static.anonymised.io/light/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fb77c92719b3dc0571048e1248dc889b03afb307d9bb28d54b4610588fb87718

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:10:08 GMT
content-encoding
gzip
age
1111
x-guploader-uploadid
ABPtcPqZK6zRQV5WfFNCXE_5IR43wtRHNwVM7lPYJwWsEncEgMAm6zWxQRmfiU48UDHQT4DQESk2he-kTQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32655
last-modified
Mon, 18 Dec 2023 10:34:59 GMT
server
UploadServer
etag
"8e840d0b97499078bf96ed807b6e0eb9"
vary
Accept-Encoding
x-goog-generation
1702895699222046
x-goog-hash
crc32c=GwqV0g==, md5=joQNC5dJkHi/lu2Ae24OuQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=1200
x-goog-stored-content-length
32655
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 05 Jan 2024 01:30:08 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3ADB 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60840390&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a4d6965d3266302a8fd46eb63fe0af65051f627a1b4bcba983d6579b8561dc3c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 05 Jan 2024 01:28:40 GMT
content-length
1789
content-type
text/html; charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame 58FA 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
rules-p-WFJsXCa9VD158.js
rules.quantcount.com/ Frame F936 		160 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:17:27 GMT
via
1.1 a4cae74c829bc214e4183c38164a2c0a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
680
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Tue, 11 Apr 2023 19:39:28 GMT
server
AmazonS3
etag
"8451e96214684fb5c6ec4f91dde0548e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
TzJ3Jmmpr4P84OIrip7H8ZMkQFnJhLIsRbkrR4J_HyHJeAKzgcvmzw==
khaos.json
token.rubiconproject.com/ Frame E8A1 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
khaos.json
token.rubiconproject.com/ Frame 420C 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
khaos.json
token.rubiconproject.com/ Frame A739 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
/
ssc-cms.33across.com/ps/ Frame FFC3
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LQZYJ7Y5-28-J2H9
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQZYJ7Y5-28-J2H9
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=1&xu=LQZYJ7Y5-28-J2H9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:39 GMT
server
33XP018

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssc-cms.33across.com/ps/?xi=1&xu=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 484B
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LQZYJ7Y5-28-J2H9
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQZYJ7Y5-28-J2H9
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQZYJ7Y5-28-J2H9
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=6621-2915-01&pc=US
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7c5d24517ee193cc868994bc18883d1d
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 9711 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=1eab0669-5013-c2be-2e06-793e450ed21e
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XDFN5VH0KKEN4VMYNSTH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 9711 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=400309e8-17be-44c3-a4e9-637f1eb1d8f2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 9711 		0
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=68b9f99d-94d3-430d-bd2f-3aa3ba9eed97
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame 9711
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=13bb0572-81fe-4f24-b171-7b5a14a67826
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=13bb0572-81fe-4f24-b171-7b5a14a67826
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=13bb0572-81fe-4f24-b171-7b5a14a67826
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 05 Jan 2024 01:28:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=13bb0572-81fe-4f24-b171-7b5a14a67826
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 9711
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7386633197929965226
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7386633197929965226
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
an-x-request-uuid
2138c394-f79d-4497-a9b9-0b2095985b72
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9711
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7898252983751812422&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7898252983751812422&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7898252983751812422&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 7C61
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Z-x3QGS7ekF87X5OYe5jFDO8exF86S8UM-j1_kRD
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Z-x3QGS7ekF87X5OYe5jFDO8exF86S8UM-j1_kRD
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzgTvK0vSBYM505CMLYeFYYrqIXMPSC3C%2B1B4hTCpXElqjXAPCwgDYSeRpu1ibZjSFiYtrI1uCfiTpa1uWNAAY%2Fzj5D5iYUhf%2BQ%2FlV23vQyBku8KO5x7%2BpaBw0GuKgSBkm%2FHVrtmqEBcOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2238ec525a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Z-x3QGS7ekF87X5OYe5jFDO8exF86S8UM-j1_kRD
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixie
jelly.mdhv.io/v4/ Frame 7C61
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=8cde5c648fe156140db5378baffff1b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo0447_7320424622894265161&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/8cde5c648fe156140db5378baffff1b?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-bRKH0QhE2oN6dDPxTl84Z76j.WbZXf4.KsU_8.4H~A
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OGNkZTVjNjQ4ZmUxNTYxNDBkYjUzNzhiYWZmZmYxYg==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESED1dhtKpQkBzC1zHJwUfIjg&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAAQHk7LLrYAABaDzK28HA&dataProviderId=817&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=wEAGKYle1Rlz0J5&gdpr=0
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=7386633197929965226&gdpr=0&gdpr_consent=&gdpr=0
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=7979074&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=6adc7340-ca96-462d-b37b-baa1d1730357
  • https://jelly.mdhv.io/v4/pixie?
0
0
ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7C61
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB
date
Fri, 05 Jan 2024 01:28:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 7C61
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720142920&external_user_id=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720142920&external_user_id=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkOZ1J59ew6Mhr3m750xutg8PI4l8PzMJme8I9knwOoXbTt36b9QjChObbnWVL4HEv%2BgNd5np8hRGyA0lF7m4NSYvpQfgjnH1Wpa1Xy0TDcl%2Fh3XWOApw5XgKPm2e2jCjiFLF3iHs%2FJqRw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2278dd125a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720142920&external_user_id=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 7C61
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=c13636fe-ab69-11ee-b47c-6e5120466e9f
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=c13636fe-ab69-11ee-b47c-6e5120466e9f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHXa0UB2PbLIW2khGPGvBFQG3JhZEF9rq6Uls0ONz305qyOWIM8325Moh8XbK4JjblYSh%2BRtKVnXJA5BJFGwlamtd%2FEs0a%2FbalyaWTYxoX5mXIAHnTCDWMh7pZaILlX29Tl5bes89c0PJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2270d1725a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=c13636fe-ab69-11ee-b47c-6e5120466e9f
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-1
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 7C61
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avCP60X1RY6wtq2rK7vuC69ewTPm%2Bfm9A9mZNL0napxlxxFPcCWGubpJY5dGiqff%2BQ2jITB%2Fl3EqsISSaZnZnQsajGvgbrPdHGuNLNzqh%2BQZrLrJtH4F1yB0VBnh5P62LT1ZcOgePys1vA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2276dad25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 05 Jan 2024 01:28:40 GMT
server
_
content-length
0
dcm
s.amazon-adsystem.com/ Frame 7C61 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KY3J3S1V69QYKHH05ZRB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 7C61 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZYRTASMN46TB6521JS0M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B73C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=736096f3-a33b-4e74-a900-147a47dba0f3&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=736096f3-a33b-4e74-a900-147a47dba0f3&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=736096f3-a33b-4e74-a900-147a47dba0f3&dongle=0cfd&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:40 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame B73C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NzA1NjQxMTE1NTQ0OTgyNzc4OA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B73C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKnCmAPIKQcLYKSKFunzRBw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKnCmAPIKQcLYKSKFunzRBw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKnCmAPIKQcLYKSKFunzRBw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B73C
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NzA1NjQxMTE1NTQ0OTgyNzc4OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NzA1NjQxMTE1NTQ0OTgyNzc4OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NzA1NjQxMTE1NTQ0OTgyNzc4OA%3D%3D
date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame B73C 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2687056411155449827788&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 08AA4FC9A3764B93B0D7AB091C0801E0 Ref B: MIAEDGE2014 Ref C: 2024-01-05T01:28:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOKMSixJjBrHzPozGqSg==
xuid
eb2.3lift.com/ Frame B73C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2687056411155449827788?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-409_YKhE2oSIiMO4cIsxNmgDi9xUSetgWq1cCKzPEg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-409_YKhE2oSIiMO4cIsxNmgDi9xUSetgWq1cCKzPEg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 05 Jan 2024 01:28:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-409_YKhE2oSIiMO4cIsxNmgDi9xUSetgWq1cCKzPEg--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame B73C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2687056411155449827788&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=006b79a6-e17b-428f-a319-4028618a9396&expires=10&ssp=triplelift&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 05 Jan 2024 01:28:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame B73C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=8b8293d3-9878-4b12-9ae2-54436c2413c7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=8b8293d3-9878-4b12-9ae2-54436c2413c7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=8b8293d3-9878-4b12-9ae2-54436c2413c7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1905131
content-length
0
expires
Fri, 05 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B73C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7386633197929965226&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7386633197929965226&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
an-x-request-uuid
3400ca46-2f07-47b9-b989-1ddefb720c59
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=7386633197929965226&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame B73C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2687056411155449827788
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
an-x-request-uuid
935ada14-9475-49fd-aa1d-92fbd9f525c3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
sync.e-planning.net/ Frame B73C 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=2687056411155449827788&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:40 GMT
content-type
image/gif
envelope
lexicon.33across.com/v1/ Frame 2894 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&gdpr=0&src=pbjs&ver=8.6.0&coppa=0&us_privacy=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usync.html
eus.rubiconproject.com/ Frame 3282 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:40 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 712C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=c73598e4-19af-4225-ad41-0db5af961cdf
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1S96G0F1RAPYDQARJXRY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 712C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.235.75.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-75-11.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:40 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 712C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YzczNTk4ZTQtMTlhZi00MjI1LWFkNDEtMGRiNWFmOTYxY2Rm
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.235.75.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-75-11.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 712C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7386633197929965226
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7386633197929965226
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.235.75.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-75-11.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
an-x-request-uuid
7a3853cc-7198-43bd-b36a-74d8af5bf102
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 712C
Redirect Chain
  • https://sid.storygize.net/ccm/c9dd71b6-fd13-4133-bf5d-b88619cef491
  • https://sid.storygize.net/csr?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dm3k4T1aBLLPMpeMdFP9tJTiB%26source_user_id%3De70a7824-89af-41a5-a56b-06996c8ccf7d
  • https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=e70a7824-89af-41a5-a56b-06996c8ccf7d
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=e70a7824-89af-41a5-a56b-06996c8ccf7d
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.235.75.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-75-11.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=m3k4T1aBLLPMpeMdFP9tJTiB&source_user_id=e70a7824-89af-41a5-a56b-06996c8ccf7d
date
Fri, 05 Jan 2024 01:28:40 GMT
content-length
0
khaos.json
token.rubiconproject.com/ Frame BA4E 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 0EBA 		692 B
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83009538&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e41aa3cb652441cc377ec167263d67889c034c3fbfd9613ea5fcc45224f392a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 05 Jan 2024 01:28:38 GMT
content-length
692
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 74EB 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12343
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
match
events-ssc.33across.com/ Frame B5B7 		68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=3016767a-9232-49ab-823f-f47927698ba1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
g.pixel
aa.agkn.com/adscores/ Frame B5B7 		43 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=5aff9a6a-0375-42d5-844a-7723adfb8bd8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-110.iad89.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 55b6418a8a2f714a67d8e4d292154ef2.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD89-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
gymGc97aUp5OVeMo3CoKu6n9bm09BDvk9sgctiRnlfZU0PwwfPzOng==
expires
0
/
bpi.rtactivate.com/tag/ Frame B5B7 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=50019&user_id=d85251eb-9331-4b38-88a3-d4a0dfc57c2f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.25.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-25-103.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
37274
stags.bluekai.com/site/ Frame B5B7 		62 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=616922b2-79ce-44c5-94ff-648db66d794d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.145.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-145-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
f4b2
expires
Thu, 01 Dec 1994 16:00:00 GMT
709996.gif
id.rlcdn.com/ Frame B5B7 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame B5B7
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=ead0ef9e-5421-5c72-1921-b05a08f0593c
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0t1pq4e9tqm15
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0t1pq4e9tqm15
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0t1pq4e9tqm15
cache-control
no-cache
cf-ray
8407f2279b3567c2-MIA
content-length
0
sd
us-u.openx.net/w/1.0/ Frame B5B7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=-tBDgfwlV_hvwp42xPpc4iaEdkY
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=-tBDgfwlV_hvwp42xPpc4iaEdkY
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=-tBDgfwlV_hvwp42xPpc4iaEdkY
Date
Fri, 05 Jan 2024 01:28:40 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame B5B7
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=59f34ef1-1ec3-450a-989d-60e8c90f17cf&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZZdbSJoUq63D3ltOZd0YWGF1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZZdbSJoUq63D3ltOZd0YWGF1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:40 GMT
server
Aorta/20231219.0f0182a99
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZZdbSJoUq63D3ltOZd0YWGF1
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
435a35bc9ac4
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame B5B7
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=mSvwKOU_wGoIfLce_iQjRA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B5B7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=6adc7340-ca96-462d-b37b-baa1d1730357
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=6adc7340-ca96-462d-b37b-baa1d1730357
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=6adc7340-ca96-462d-b37b-baa1d1730357
Date
Fri, 05 Jan 2024 01:28:40 GMT
Connection
keep-alive
X-CI-RTID
d2fb7cc0-779f-41ab-a7c5-e065a1231eb3
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame B5B7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
collect
v.clarity.ms/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 05 Jan 2024 01:28:40 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
t2.min.js
pdp-cdn.retargetly.com/ Frame CF76 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pdp-cdn.retargetly.com/t2.min.js
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ea5936c12e4e12b40631ac6ba4bf7f1eb97e9e1a7b4593aa2d3fe77a0855f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
x-amz-version-id
cDBd1fuhnOm5qs13Pq9xyFul5EocITG_
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 cdeea0974caa37faf8c113492b4e9844.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MIA3-C4
age
3378
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-cache-status
HIT
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Dec 2023 14:22:04 GMT
server
cloudflare
etag
W/"92f802d227feb495cdbf914ef65f9ff1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cf-ray
8407f224cafc25b9-MIA
x-amz-cf-id
CBYtJM-4HNfdKN1w64uY_AEJQNAMqKLdzNH2k3lCtnh0nW4atBPhYg==
diberp-tcx-v7.13.0.js
americanhometownmedia.com/static/ 		328 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:53:06 GMT
content-encoding
gzip
age
2248534
x-guploader-uploadid
ABPtcPolImX65XRNPEoddHoj7TDvUTpEJtQxZkx77yXJCl_E2c72Yy_lzdRmTeGRSHAtIIHZ8E-Vmv8F-e9zX7EK1JXuDw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104504
last-modified
Mon, 29 Aug 2022 14:20:21 GMT
server
UploadServer
etag
"f085c7609fb7c47fb72fd768d721373e"
vary
Accept-Encoding,Origin
x-goog-generation
1661782821233427
x-goog-hash
crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
104504
accept-ranges
bytes
expires
Mon, 09 Dec 2024 00:53:06 GMT
user-sync
sync.adkernel.com/ Frame 4012
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D343983%26t%3Dimage%26uid%3D
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=343983&t=image&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=202990&dsp=343983&t=image&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D486214773fce3e9d
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:40 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

location
//sync.adkernel.com/user-sync?zone=202990&dsp=343983&t=image&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
user-sync
sync.adkernel.com/ Frame 4012
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=7386633197929965226
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=7386633197929965226
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D486214773fce3e9d
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:40 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
an-x-request-uuid
b9e07026-a047-4780-871f-73e1f9abcbb7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
amazon
ce.lijit.com/beacon/ Frame 1E7F
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
10a7200ab86c6d773264e862cb00a68070b8d71c22e48619248f990604d48036

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
498
Content-Type
text/html
Date
Fri, 05 Jan 2024 01:28:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
ecm3
s.amazon-adsystem.com/ Frame 3A7C
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2687056411155449827788
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2687056411155449827788
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
R1JNZD94ZMH8YKM9S2TZ

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:40 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2687056411155449827788
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
usersync.gumgum.com/ Frame B216
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7386633197929965226
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7386633197929965226
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
an-x-request-uuid
bace1cb3-8c41-4b69-b4aa-440dd0f8d66b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame B216
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_8a0f8237-cd03-48f2-b488-4ca53ffb58fd&gdpr=&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4d715134-4d31-4835-964f-77d87de546c4&ssp=gumgum2&expires=30&user_group=5&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://usersync.gumgum.com/usersync?b=bsw&i=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 05 Jan 2024 01:28:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame B216
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=b140de64-64ac-4112-8973-eb44e56d18b8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=b140de64-64ac-4112-8973-eb44e56d18b8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 05 Jan 2024 01:28:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=b140de64-64ac-4112-8973-eb44e56d18b8
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame B216
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Date
Fri, 05 Jan 2024 01:28:40 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame B216
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-PGKCQK9E2pdAlDzV4AAlDMvQtKN6PvFPpnTD~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-PGKCQK9E2pdAlDzV4AAlDMvQtKN6PvFPpnTD~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 05 Jan 2024 01:28:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-PGKCQK9E2pdAlDzV4AAlDMvQtKN6PvFPpnTD~A
content-length
0
usersync
usersync.gumgum.com/ Frame B216
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=6adc7340-ca96-462d-b37b-baa1d1730357
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=6adc7340-ca96-462d-b37b-baa1d1730357
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=6adc7340-ca96-462d-b37b-baa1d1730357
Date
Fri, 05 Jan 2024 01:28:40 GMT
Connection
keep-alive
X-CI-RTID
b5d8aa9a-8012-440b-acbf-b50fc04d3b2b
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame B216
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_c053429087de436daa35a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_c053429087de436daa35a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_c053429087de436daa35a
date
Fri, 05 Jan 2024 01:28:40 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame B216
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_8a0f8237-cd03-48f2-b488-4ca53ffb58fd&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=BUe8t8AGKClBFU9g5GxQ
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=BUe8t8AGKClBFU9g5GxQ
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=BUe8t8AGKClBFU9g5GxQ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame B216
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=K5XH98XlPE9c&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=K5XH98XlPE9c&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H2
Server
3.222.45.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-45-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=K5XH98XlPE9c&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1
usersync
usersync.gumgum.com/ Frame B216
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6066353311403014312
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6066353311403014312
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6066353311403014312
date
Fri, 05 Jan 2024 01:28:40 GMT
content-length
0
um
sync.e-planning.net/ Frame B216 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=486214773fce3e9d&uid=u_8a0f8237-cd03-48f2-b488-4ca53ffb58fd
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:40 GMT
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 58FA
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQZYJ7Y5-28-J2H9
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQZYJ7Y5-28-J2H9&name=RUBICON&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQZYJ7Y5-28-J2H9&name=RUBICON&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
3.13.55.213 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-55-213.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQZYJ7Y5-28-J2H9&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7c5d24517ee193cc868994bc18883d1d
Expires
0
rtset
bh.contextweb.com/bh/ Frame 64AF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VEI1d2NGQW1vVVg4Nmd3Yk1RWS12QQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEEThPMF-T5JUMGZoaLkjQCw&google_cver=1
49 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEEThPMF-T5JUMGZoaLkjQCw&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEEThPMF-T5JUMGZoaLkjQCw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 64AF
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504520&nuid=&gdpr_consent=&gdpr=0
49 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504520&nuid=&gdpr_consent=&gdpr=0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504520&nuid=&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 64AF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=K5XH98XlPE9c&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KRY8SVAD1JYSP319ECXN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ssp-sync.criteo.com/user-sync/ Frame F936
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dpdzkvF9rcUoyU1N3YzZ0ZmVsM1NOUjclMkJ6TFclMkJ1cE5UMnRRWDhvbW1vb1AyM1VhdyUzRA%26u%3d%24%7bUSER_...
  • https://ssp-sync.criteo.com/user-sync/match?p=pdzkvF9rcUoyU1N3YzZ0ZmVsM1NOUjclMkJ6TFclMkJ1cE5UMnRRWDhvbW1vb1AyM1VhdyUzRA&u=AAAQHk7LLrYAABaDzK28HA&us_privacy=1---
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=pdzkvF9rcUoyU1N3YzZ0ZmVsM1NOUjclMkJ6TFclMkJ1cE5UMnRRWDhvbW1vb1AyM1VhdyUzRA&u=AAAQHk7LLrYAABaDzK28HA&us_privacy=1---
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=pdzkvF9rcUoyU1N3YzZ0ZmVsM1NOUjclMkJ6TFclMkJ1cE5UMnRRWDhvbW1vb1AyM1VhdyUzRA&u=AAAQHk7LLrYAABaDzK28HA&us_privacy=1---
Date
Fri, 05 Jan 2024 01:28:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/ Frame F936
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=XnlveF9SQXdLc0pzdGowT2tSU3J0Q3NWazZSaXBmR1FmYXNmSFY5YkR5MkYzbktzJTNE&gdpr=&gdpr_consent=&us_privacy=1---&cr_user_id=k-SRwe7merNoMaybDDx98yvvCxlux...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dcriteo%26use...
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=criteo&user_id=
  • https://ssp-sync.criteo.com/user-sync/match?p=XnlveF9SQXdLc0pzdGowT2tSU3J0Q3NWazZSaXBmR1FmYXNmSFY5YkR5MkYzbktzJTNE&u=f23bd312-5bb6-424a-95e9-d15220f0e7dc
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=XnlveF9SQXdLc0pzdGowT2tSU3J0Q3NWazZSaXBmR1FmYXNmSFY5YkR5MkYzbktzJTNE&u=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=XnlveF9SQXdLc0pzdGowT2tSU3J0Q3NWazZSaXBmR1FmYXNmSFY5YkR5MkYzbktzJTNE&u=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/ Frame F936
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=meM3CF9KUzAzcWVSNEwwUHNaajZwaWV3NzRZaGgwcGsxTG5Tclc0R3JRempnVW9NJTNE&gdpr=&gdpr_consent=&us_privacy=1---&cr_user_id=k-SRwe7merNoMaybDDx98yvvCxlux...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dcriteo%26use...
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=criteo&user_id=
  • https://ssp-sync.criteo.com/user-sync/match?p=meM3CF9KUzAzcWVSNEwwUHNaajZwaWV3NzRZaGgwcGsxTG5Tclc0R3JRempnVW9NJTNE&u=f23bd312-5bb6-424a-95e9-d15220f0e7dc
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=meM3CF9KUzAzcWVSNEwwUHNaajZwaWV3NzRZaGgwcGsxTG5Tclc0R3JRempnVW9NJTNE&u=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=meM3CF9KUzAzcWVSNEwwUHNaajZwaWV3NzRZaGgwcGsxTG5Tclc0R3JRempnVW9NJTNE&u=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rIt5UXw1US92QWc3d2hnUG95aE9XdjdoZkpJOEtHMk9CMWhud1FEZm43dEs4bTA1eHdZc0Ftdy83T3JrUUhDbGxaVE9XMjBBSnhhM2pJYmRjL1VSR0s2ZDVGeVRUWkY4UGN1ZjYxVENhOGtEbDZ1U2ZQb2U0VGMydWRIK0pNY3VSdlowNHpxNXlMa0FzUEhNM2hQeXIvbTVaOGdldWpTRU8va0h1bTJVeTEyZEI1VlZpcWgvRVhobzdTSmdndzdFa09vdUZRbXBSYTNkWis1VHI2SGIxR0R1bVMvQ2YrVG40cFhxZG9KREN6bHdSVnhpZkZrYXllMXNWZWEvMTRVTzdyRCtoUmtxaThzOUZUNlNjV0pPaG5pQlQydTU5b09HMkE5bnFsTDlKSTNvTmFwZz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 05 Jan 2024 01:28:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
419460
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
js
aggle.net/ Frame F936 		495 B
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aggle.net/js?pid=NEQ7KDHP5&domain=www.staradvertiser.com&pih1=&pih2=&pih3=&hadron_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y&tradedesk_id=%257B%2522TDID%2522%253A%2522736096f3-a33b-4e74-a900-147a47dba0f3%2522%252C%2522TDID_LOOKUP%2522%253A%2522TRUE%2522%252C%2522TDID_CREATED_AT%2522%253A%25222023-12-05T01%253A28%253A31%2522%257D
Requested by
Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.179.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a938864f9581ea3da.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
abf315cef437546f1c11ddac1e7c764486ce8beb8b37ea6df5c5eb03dc0fce06

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:41 GMT
date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
gunicorn
content-length
495
p3p
CP="NOI OUR BUS UNI COM NAV"
xandr
p2.gcprivacy.com/v3/id/ Frame F936
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fid%3D%24UID%26gcid%3De2c5298f-8591-4c8b-899c-ce392e353523
  • https://p2.gcprivacy.com/v3/id/xandr?id=7386633197929965226&gcid=e2c5298f-8591-4c8b-899c-ce392e353523
0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p2.gcprivacy.com/v3/id/xandr?id=7386633197929965226&gcid=e2c5298f-8591-4c8b-899c-ce392e353523
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
54.161.113.161 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-113-161.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:40 GMT
an-x-request-uuid
0a54675c-b46a-4346-b916-2c653ffe04e6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://p2.gcprivacy.com/v3/id/xandr?id=7386633197929965226&gcid=e2c5298f-8591-4c8b-899c-ce392e353523
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
6da7b764-fcc8-4631-9ac2-79535cbec518.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ Frame 238D 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/6da7b764-fcc8-4631-9ac2-79535cbec518.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1f0d968838106e1d2d9f8ac88b7002f0c0db352dea74a3040bd95d83f95b98df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:39 GMT
age
1
x-guploader-uploadid
ABPtcPrc9hoA6YA0GMnPj_3AOfsMGvQpG8pXownORbuVc0FlvpgIuZXOT2C_HdaqKZ8KPUlmkyM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64774
last-modified
Sun, 10 Dec 2023 08:30:26 GMT
server
UploadServer
etag
"4eff30240aa33844c018bcfb57f2fd8e"
x-goog-generation
1702197026355300
x-goog-hash
crc32c=5vwEHw==, md5=Tv8wJAqjOETAGLz7V/L9jg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
64774
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 05 Jan 2024 02:28:39 GMT
photo-1623689046286-01d812cc8bad
storage.googleapis.com/ownlocal-images-db/300/ Frame E3AD 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-images-db/300/photo-1623689046286-01d812cc8bad
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
72d1d5ba105ef42debc52a5057b5466b44f296513ab4e89dd887410440e2bb8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:38:48 GMT
age
2992
x-guploader-uploadid
ABPtcProItKpnRYEEUpRkNpM8BYZ8FCbJRDPN5EgsYRt0KQ-yiid6668dKUYBhUUSAzxBEg5h_0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121020
last-modified
Sun, 03 Dec 2023 08:26:35 GMT
server
UploadServer
etag
"4bea0cd3d470ebb072aab64f83d69acd"
x-goog-generation
1701591995669048
x-goog-hash
crc32c=PcLK0Q==, md5=S+oM09Rw67ByqrZPg9aazQ==
content-type
application/octet-stream
cache-control
public, max-age=3600
x-goog-stored-content-length
121020
accept-ranges
bytes
expires
Fri, 05 Jan 2024 01:38:48 GMT
crum
dsum-sec.casalemedia.com/ Frame 67BA
Redirect Chain
  • https://um4.eqads.com/um/cs
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=08086e4a-a446-4039-9081-3354ed5f7a34&expiration=1712280520
43 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=08086e4a-a446-4039-9081-3354ed5f7a34&expiration=1712280520
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8407f2279dee25a3-MIA
content-length
43
content-type
image/gif
date
Fri, 05 Jan 2024 01:28:40 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tu%2BganUUxLSxyHJ8AKYGBG4UnsvM2Y%2B7uG4LeA8oRkOuY5%2BS%2FPmNENw08d2AyDmStkEgUoy6RBztCN1B6Zc1N5Jtz62k75FMHeL3gdXTg%2FGMJ%2Bhu7WEhj9J%2FH9hu28IXkzjECj6WuA8hQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Fri, 05 Jan 2024 01:28:40 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=08086e4a-a446-4039-9081-3354ed5f7a34&expiration=1712280520
magnite
prebid.a-mo.net/setuid/ Frame 420C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr_consent=undefined&gdpr=0&khaos=LQZYJ7Y5-28-J2H9
  • https://prebid.a-mo.net/setuid/magnite?uid=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 3ADB 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=95054&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 3282 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12343
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
um
sync.e-planning.net/ Frame BA4E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LQZYJ7Y5-28-J2H9
  • https://sync.e-planning.net/um?uid=LQZYJ7Y5-28-J2H9&dc=9bcc91305985f0db&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=LQZYJ7Y5-28-J2H9&dc=9bcc91305985f0db&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:40 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.e-planning.net/um?uid=LQZYJ7Y5-28-J2H9&dc=9bcc91305985f0db&iss=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
api
api.retargetly.com/ Frame 6E62
Redirect Chain
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhtt...
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhtt...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9efe51d4c7d92f6496345559880469c04cd7ab24915ed5bd29bf1a6d95501a4

Request headers

Referer
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8407f227882725b9-MIA
content-encoding
gzip
content-type
text/html
date
Fri, 05 Jan 2024 01:28:40 GMT
expires
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma
no-cache
server
cloudflare

Redirect headers

access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8407f2271f6325b9-MIA
content-type
application/javascript
date
Fri, 05 Jan 2024 01:28:40 GMT
expires
0
location
/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma
no-cache
server
cloudflare
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 238D 		26 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1704418120774&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&page=AdForge%20Ad%20Unit&refr=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=Pacific%2FHonolulu&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=975a4d7b-fc7e-4faa-a542-74698efe65ee&dtm=1704418119579&vp=300x250&ds=300x250&vid=1&sid=d99f0528-3e7b-4764-aae8-d063ecc6d605&duid=e6352e41-7740-46ca-8155-85e36c8d5370&fp=742780693&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiMmJlYjgzOTEtOGNhOC00NjgyLTg5ZjAtNTU5ODJkYmI0OGE2IiwiYmlkIjoiM2UxOTAwZGMtOGE1ZC00ZTExLWI1NWItN2Y5YmZjOTE2MzVmIiwicGlkIjoiYzQ2Y2YxNWQtMTYyMi00MTU3LThmM2YtMThiOWE2MTk0NmRlIn19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:41 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
e92ef3fdcea90994a3fca464ce00dc0f
function-execution-id
elpo37r76owt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
pr
s.amazon-adsystem.com/v3/ Frame 8C12 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_pm-db5_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7e780e82913c8fec3e7f7ebee2a92ed45ed6739341bb3fd2b373604c0522a751
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_pm-db5_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3441
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 05 Jan 2024 01:28:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1TKHFJ0PG6DGX7RKNR8X
2a39755fa7d19d7679b94bb339ccfd8a258f21fe8
knottyswing.com/dd6e58e237e/ 		3 B
29 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://knottyswing.com/dd6e58e237e/2a39755fa7d19d7679b94bb339ccfd8a258f21fe8
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 05 Jan 2024 01:28:40 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
x-hostname
fen-hoothoot-us-east1-b72j
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 05 Jan 2024 01:28:39 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame F936 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4409592478486421&correlator=303901116060673&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&gdpr=0&iu_parts=21722279357%2C728x90_ob_staradvertiser&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&didk=3062990929&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Dd5d9bc13cd177aaf%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_MZ4BZolVYIVHU4en5ncGzXTq6T5rg&gpic=UID%3D00000db0f4ed2e2f%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_Masyh_oFPy02WMRXLg2ivGrwvOkVA&abxe=1&dt=1704418120806&adxs=436&adys=274&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=nkdyjalvhkoc&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&top=www.staradvertiser.com&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=495654607.1704418108&ga_sid=1704418121&ga_hid=1883197990&ga_fc=true&dlt=1704418108913&idt=10735&prev_scp=refresh_count%3D0%26amzniid%3DJBoiB3CE-9ty46mpTBBPKlYAAAGM1zyJIQEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICCavroD%26amznp%3D1shiozk%26amznsz%3D728x90%26amznbid%3D1vlw4jk%26amznactt%3DOPEN%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dbostonbrainscience.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D554bb4c22522044%26hb_bidder%3Dcriteo%26anh%3Dtrue&cust_params=gcRTDTest%3Dtrue%26pbstck_ab_test%3Dtrue%26wvr%3D3%26wie%3Dfriendly%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D6800%26wrap_l%3D3900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D1800%26padpr%3D100%2633acrossId%3Dfalse%26amxId%3Dfalse%26criteo%3Dfalse%26hadronId%3Dtrue%26id5Id%3Dfalse%26identityLink%3Dfalse%26liveIntentId%3Dfalse%26lotamePanoramaId%3Dfalse%26pairId%3Dfalse%26quantcastId%3Dfalse%26sharedId%3Dtrue%26teadsId%3Dfalse%26uid2%3Dfalse%26uids%3DhadronId%252Cpubcid%26uids_c%3D2%26waai%3D3800%26waae%3D2200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D6s%26wabtr%3Drichaudience&adks=1564880186&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0559581acf4b4d46a6cc6175fb38c93b209fec05433cd4ed7454a458433df97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:41 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12444
x-xss-protection
0
google-lineitem-id
6080160369
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138400225016
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FD00 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:40 GMT
expires
Sat, 04 Jan 2025 01:28:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 9658
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adkernel
  • https://eus.rubiconproject.com/usync.html?p=adkernel
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adkernel
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D486214773fce3e9d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:41 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=adkernel
server
AkamaiGHost
usersync
usersync.gumgum.com/ Frame 3840
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=5394353749448417114&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=5394353749448417114&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 05 Jan 2024 01:28:41 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=5394353749448417114&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame B8DB 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84YTBmODIzNy1jZDAzLTQ4ZjItYjQ4OC00Y2E1M2ZmYjU4ZmQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8D44 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71420
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:40 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 42FC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=736096f3-a33b-4e74-a900-147a47dba0f3
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=736096f3-a33b-4e74-a900-147a47dba0f3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Fri, 05 Jan 2024 01:28:40 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=736096f3-a33b-4e74-a900-147a47dba0f3
server
Kestrel
usersync
usersync.gumgum.com/ Frame 3D60
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZdbScCo8YIAALvpxfgAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZdbScCo8YIAALvpxfgAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 05 Jan 2024 01:28:41 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZdbScCo8YIAALvpxfgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad1023.dc4p.scaleout.jp
X-SO-IP
38.132.118.70
X-SO-Key
ZZdbScCo8YIAALvpxfgAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.70","key":"ZZdbScCo8YIAALvpxfgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1023"}
X-SO-LB-Hostname
m-tgng30.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad1023
usersync
usersync.gumgum.com/ Frame 1773
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 05 Jan 2024 01:28:41 GMT Fri, 05 Jan 2024 01:28:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=gumgum
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
PugMaster
image6.pubmatic.com/AdServer/ Frame 9447 		577 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18399633&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f2f6b277b21f7a9a31905486c4aa8a7c34aad08d798779a3ae7af13555402f0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 05 Jan 2024 01:28:40 GMT
content-length
577
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame D868 		577 B
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86861513&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f2f6b277b21f7a9a31905486c4aa8a7c34aad08d798779a3ae7af13555402f0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 05 Jan 2024 01:28:39 GMT
content-length
577
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 8C23 		577 B
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=599931&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f2f6b277b21f7a9a31905486c4aa8a7c34aad08d798779a3ae7af13555402f0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 05 Jan 2024 01:28:40 GMT
content-length
577
content-type
text/html; charset=UTF-8
p-fc3a8e1a.system.js
tags.qortex.ai/cxo/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/cxo/p-fc3a8e1a.system.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3e72ffa59a0684c988173f4ea0d75435f8ff50995c92974aa316288efe96a539

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
90
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2F7qHtRSto7S5V2%2FMAmvejpYSFDGIuVjuW21MSHgF6s0D1%2BYPDMhNSvHg%2BzsMAHkqpbI%2FuObUNu9supessytsaKhYRA99oibcL5z0qTYkkBK7s4EDrKhVYgbZco67dUttqCFnpwxk2eCiGCg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8407f228bb2eb3d4-MIA
fed
ups.analytics.yahoo.com/ups/58771/ Frame B7FB 		316 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.staradvertiser.com&e=27&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
5c6742dcc257520af38d525698348eef537279a9f90c05dd2197abf8853cc2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prebid.a-mo.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://prebid.a-mo.net
content-type
application/json
access-control-allow-credentials
true
ecm3
s.amazon-adsystem.com/ Frame 8C12
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f23bd312-5bb6-424a-95e9-d15220f0e7dc
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MBCZY412GMT23BCHDMZV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 8C12
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=d08b0939-e7dd-47e1-a1ce-13919d351d77
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=d08b0939-e7dd-47e1-a1ce-13919d351d77
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0YBMPES56CNY61MY9N5C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=d08b0939-e7dd-47e1-a1ce-13919d351d77
date
Fri, 05 Jan 2024 01:28:41 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 8C12
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.5%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=7017468078
  • https://sync.1rx.io/usersync3/appnexus/2069.5/7386633197929965226?zcc=0&sspret=1&rndcb=7017468078
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005%26ex%3Dr...
  • https://s.amazon-adsystem.com/ecm3?id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&ex=rhythmone.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&ex=rhythmone.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VC47DY3VD6MGSXPCVKGK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&ex=rhythmone.com
date
Fri, 05 Jan 2024 01:28:41 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1b1c05a4a7cb4073855993f6a89d18e6005
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame 8C12
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3474197131523813000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3474197131523813000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KQQ5XKPF9SENPNWKJ0MH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3474197131523813000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 05 Jan 2024 01:28:41 GMT
ecm3
s.amazon-adsystem.com/ Frame 8C12
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=44e38e5e65
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=44e38e5e65
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F69BHMGWJ78M1T8TEFDQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:41 GMT
via
1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=44e38e5e65
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
HeYaZx_RwclN2XovwhCLZLog51mwaJMSG7N7XukjAve-A_0mcv-ABA==
/
onetag-sys.com/match/ Frame 8C12 		0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 8C12
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=A0A7D3915CF44960ACE5E888F4B75986&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=A0A7D3915CF44960ACE5E888F4B75986&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CRD0WYKAB238WHXG69TG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=A0A7D3915CF44960ACE5E888F4B75986&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 04 Jan 2024 01:28:41 GMT
ecm3
s.amazon-adsystem.com/ Frame 8C12
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2276f7b82e2lucx800lqzyji0f
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2276f7b82e2lucx800lqzyji0f
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AWT7C0DDVJNHJ7A7XTNB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:41 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2276f7b82e2lucx800lqzyji0f
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 8C12
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=BUe8t8AGKClBFU9g5GxQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=BUe8t8AGKClBFU9g5GxQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8N85TTZ5RDTQ8DTMXXEN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=BUe8t8AGKClBFU9g5GxQ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A54C 		625 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3136958&p=157743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8640fab431382b238c10b7463e8f0e409ca32075df9af38116acafae902504f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 05 Jan 2024 01:28:40 GMT
content-length
625
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 1E7F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=H8B4hBZHEQ_m7NwFTi24NL7-&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FJJRFDF6Z7FTA1JC4WQ7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 1E7F
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:41 GMT
server
Kestrel
content-length
223
merge
ce.lijit.com/ Frame 1E7F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=K5XH98XlPE9c&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=K5XH98XlPE9c&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=K5XH98XlPE9c&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1
merge
ce.lijit.com/ Frame 1E7F
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPU6f38051ae3b444a4aea786afd04874f0&gdpr=0&gdpr_consent=&pid=103
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPU6f38051ae3b444a4aea786afd04874f0&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPU6f38051ae3b444a4aea786afd04874f0&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 1E7F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.80%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=3185113970
  • https://sync.1rx.io/usersync3/appnexus/2069.80/7386633197929965226?zcc=0&sspret=1&rndcb=3185113970
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
date
Fri, 05 Jan 2024 01:28:42 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1b1c05a4a7cb4073855993f6a89d18e6005
content-type
text/html
merge
ce.lijit.com/ Frame 1E7F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=sovrn&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:41 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT, Fri, 05 Jan 2024 01:28:41 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 9254
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D486214773fce3e9d%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:41 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
Pug
simage2.pubmatic.com/AdServer/ Frame 1314
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1508%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=2520692000
  • https://sync.1rx.io/usersync3/appnexus/1508/7386633197929965226?zcc=0&sspret=1&rndcb=2520692000
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 04 Jan 2024 14:53:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Fri, 05 Jan 2024 01:28:41 GMT
etag
RX1b1c05a4a7cb4073855993f6a89d18e6005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame 499F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f7716597-5b45-4000-9fa2-5f3c3f74983b&gdpr=0&gdpr_consent=
42 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f7716597-5b45-4000-9fa2-5f3c3f74983b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 04 Jan 2024 14:39:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:41 GMT
Expires
Fri, 05 Jan 2024 01:28:40 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master ord ord-pixel-x55 config_version:"4066"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f7716597-5b45-4000-9fa2-5f3c3f74983b&gdpr=0&gdpr_consent=
cm
ipac.ctnsnet.com/int/ Frame 7952 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 05 Jan 2024 01:28:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pub
matching.truffle.bid/sync/ Frame DD4B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 05 Jan 2024 01:28:41 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 765D 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:41 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-dfeb8c8ca065@version_1.579
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame E9FD
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7577045212095128841&uid=Q757704521209512...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7577045212095128841
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7577045212095128841
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 05 Jan 2024 01:28:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=59040
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Fri, 05 Jan 2024 01:28:41 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7577045212095128841
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 74F5
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A0A7D3915CF44960ACE5E888F4B75986&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A0A7D3915CF44960ACE5E888F4B75986&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 14:54:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 05 Jan 2024 01:28:41 GMT
expires
Thu, 04 Jan 2024 01:28:41 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A0A7D3915CF44960ACE5E888F4B75986&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
b9e8126a-a546-48ae-9dc7-dd9b2e497b11
ex.ingage.tech/v1/sync/pubmatic/ Frame CF40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/pubmatic/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
8407f22a0d8e2583-MIA
date
Fri, 05 Jan 2024 01:28:41 GMT
server
cloudflare
vary
Origin
insync
thrtle.com/ Frame 3ADB
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A0864502-06A0-4ED8-A79E-7CD263E71299&vxii_pid=12&vxii_pid1=10067&vxii_rcid=70e5b8d9-0bea-4ac0-bd4c-5aacfc8182d1
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A0864502-06A0-4ED8-A79E-7CD263E71299&vxii_pid=12&vxii_pid1=10067&vxii_rcid=70e5b8d9-0bea-4ac0-bd4c-5aacfc8182d1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
50.17.254.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-254-219.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Fri, 05 Jan 2024 01:28:41 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A0864502-06A0-4ED8-A79E-7CD263E71299&vxii_pid=12&vxii_pid1=10067&vxii_rcid=70e5b8d9-0bea-4ac0-bd4c-5aacfc8182d1
date
Fri, 05 Jan 2024 01:28:41 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 3ADB 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 3ADB 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.112.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-112-174.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 3ADB 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.250.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-250-119.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 05 Jan 2024 01:28:41 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame F936 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-29-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:41 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Fri, 05 Jan 2024 01:43:41 GMT
sync
api.retargetly.com/ Frame 6E62
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1
  • https://api.retargetly.com/sync?pid=13&sid=736096f3-a33b-4e74-a900-147a47dba0f3
68 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.retargetly.com/sync?pid=13&sid=736096f3-a33b-4e74-a900-147a47dba0f3
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Protocol
H2
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8407f22afed425b9-MIA
expires
0

Redirect headers

location
https://api.retargetly.com/sync?pid=13&sid=736096f3-a33b-4e74-a900-147a47dba0f3
date
Fri, 05 Jan 2024 01:28:41 GMT
server
Kestrel
content-length
189
sync
app.retargetly.com/ Frame 6E62
Redirect Chain
  • https://retargetly-match.dotomi.com/match/bounce/current?networkId=95012&version=1&nuid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
  • https://app.retargetly.com/sync?pid=72&sid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504521&nuid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
68 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=72&sid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504521&nuid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Protocol
H2
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8407f22b1f0825b9-MIA
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://app.retargetly.com/sync?pid=72&sid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504521&nuid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 6E62 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&_rand=1704418120914
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:41 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
app.retargetly.com/ Frame 6E62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=MTg0NDVhYTAtZTM4Ni00YjcwLTlkOGMtN2FjZDJmYjlkZTRj&google_cm
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEPe8noipGYKtfqtLI0f5Kww&google_cver=1
68 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=11&google_gid=CAESEPe8noipGYKtfqtLI0f5Kww&google_cver=1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Protocol
H2
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8407f22b1f0425b9-MIA
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://app.retargetly.com/sync?pid=11&google_gid=CAESEPe8noipGYKtfqtLI0f5Kww&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
app.retargetly.com/ Frame 6E62
Redirect Chain
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2
  • https://app.retargetly.com/sync?sid=7386633197929965226&pid=2
68 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=7386633197929965226&pid=2
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Protocol
H2
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8407f22e5d4f25b9-MIA
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
an-x-request-uuid
9d39db82-cc4f-49c2-8f34-ef4c40b2f4cd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://app.retargetly.com/sync?sid=7386633197929965226&pid=2
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
app.retargetly.com/ Frame 6E62
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=RTGLY
  • https://ups.analytics.yahoo.com/ups/58698/cms?partner_id=RTGLY
  • https://app.retargetly.com/sync?pid=22&sid=y-gHNyHbJE2oK1qE6Ww4EnZ3_6qyViGDR1YpU-~A
68 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=22&sid=y-gHNyHbJE2oK1qE6Ww4EnZ3_6qyViGDR1YpU-~A
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Protocol
H2
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8407f22eeeb825b9-MIA
expires
0

Redirect headers

location
https://app.retargetly.com/sync?pid=22&sid=y-gHNyHbJE2oK1qE6Ww4EnZ3_6qyViGDR1YpU-~A
date
Fri, 05 Jan 2024 01:28:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
app.retargetly.com/ Frame 6E62
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/retargetly/usersync?redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7BuserId%7D%26pid%3D23
  • https://app.retargetly.com/sync?sid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&pid=23
68 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&pid=23
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Protocol
H2
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8407f22eeeb525b9-MIA
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://app.retargetly.com/sync?sid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&pid=23
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
bcp.crwdcntrl.net/map/c=11530/tp=RTRG/ Frame 6E62 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
sync
sync.teads.tv/rt/ Frame 6E62 		2 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/rt/sync?vid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&gdpr=0&us_privacy=%221-N-%22
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:42 GMT
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
2
content-type
text/plain; charset=UTF-8
sync
app.retargetly.com/ Frame 6E62
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fpid%3D74%26sid%3D%5Bsas_uid%5D
  • https://app.retargetly.com/sync?pid=74&sid=6066353311403014312
68 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=74&sid=6066353311403014312
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Protocol
H2
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8407f22f883925b9-MIA
expires
0

Redirect headers

location
https://app.retargetly.com/sync?pid=74&sid=6066353311403014312
date
Fri, 05 Jan 2024 01:28:41 GMT
content-length
0
v1
lb.eu-1-id5-sync.com/lb/ Frame F936 		33 B
282 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
bd8deb77329d43d402e4fba98db488118b9146e71a68a0aad85bae8af23f7c22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
css2
fonts.googleapis.com/ Frame F936 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c8483a1d83cf5ab8dc44ed8bad290b6a981a00934bb783a26b81e3f6987748d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:41:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 01:28:41 GMT
setuid
u.4dex.io/ Frame D036 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:41 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 0EBA 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-111.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:41 GMT
via
1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
content-length
0
x-amz-cf-id
qUxVzqynKOuXwv2BBJ2cQu7f8yviC_domuRsXqjCLDGILHn312p0mA==
x-cache
Error from cloudfront
362358.gif
idsync.rlcdn.com/ Frame 0EBA
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJnIrlEvHQUxg1cmmRbiEEA&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJnIrlEvHQUxg1cmmRbiEEA&google_cver=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJnIrlEvHQUxg1cmmRbiEEA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=A0864502-06A0-4ED8-A79E-7CD263E71299/gdpr=0/ Frame 0EBA 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=A0864502-06A0-4ED8-A79E-7CD263E71299/gdpr=0/gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.49.212
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 0EBA 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:41 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
usync.js
eus.rubiconproject.com/ Frame 9658 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adkernel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adkernel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12342
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7785 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa8d91fc3ee3216f2e7f774e5d07bebdfc1db53c94224be95514a4588179cdfa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8407f22b9d3e25a3-MIA
content-encoding
br
content-type
text/html
date
Fri, 05 Jan 2024 01:28:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbRAUfuQdX1m%2Bx%2Fj2b7EloSOAa3n74EOQk24zSfAAH0GSdu4PdN8%2BI2Wh01Qw1PKAf8mhfDEoVi9RZBC6nKA3ZOH09pr1ZmoaeeQAzjjUgoR%2BvkvJZpgfpakDmILbra2KDWrBgfnUWHqmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync-iframe
cs-tam.minutemedia-prebid.com/ Frame BAB2 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:de00:17:c484:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
6387b0997af040b4672871a90dc87f02d385b61682b1a82c2e0c9053129cfadf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-tam.minutemedia-prebid.com
content-type
text/html
date
Fri, 05 Jan 2024 01:28:41 GMT
server
istio-envoy
via
1.1 70e40bc3fbbdbf0242115d0ef383be56.cloudfront.net (CloudFront)
x-amz-cf-id
FdLJxG6rHGqvjEMq-bcK6hbrOFitZoOBkdouWrjBiJsr8NPdM28g4g==
x-amz-cf-pop
IAD55-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
9
ecm3
s.amazon-adsystem.com/ Frame 7B3A 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NQ2WFR40DSG69XKV5H1T
ecm3
s.amazon-adsystem.com/ Frame 1BA5 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KP1PV8JMN7XB7E111TWJ
event_collector_cookies
pdp-service.retargetly.com/ Frame CF76
Redirect Chain
  • https://pdp-service.retargetly.com/event_collector_cookies
  • https://pdp-service.retargetly.com/event_collector_cookies?redirect=true
19 B
128 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pdp-service.retargetly.com/event_collector_cookies?redirect=true
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
403fc8964790196476ff4e888d6e806f4099a6d573f306182b1802c1c3d9e546

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
request_id
c2c8b30e-ab69-11ee-a182-3e42019e4f32
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ads.us.e-planning.net
access-control-allow-credentials
true
cf-ray
8407f23029a825b9-MIA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
19

Redirect headers

date
Fri, 05 Jan 2024 01:28:41 GMT
request_id
c2584a61-ab69-11ee-94db-0e015e47f2a7
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ads.us.e-planning.net
location
/event_collector_cookies?redirect=true
access-control-allow-credentials
true
cf-ray
8407f22b883b25b9-MIA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
requestCMI-SF.html
idsyncmxedge.com/ Frame 6E62 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idsyncmxedge.com/requestCMI-SF.html?input=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&type=4&sitename=rt
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2Fbe96b820e5daac93%3Fct%3D1%26ruidm%3D1%26du%3Dhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Deplanning%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&fullVersionList=&platform=&_rlid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-111.iad79.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
via
1.1 c772176b119045d2ed52ef4f42db5fe0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD79-C2
content-length
0
x-amz-cf-id
_srNiXuRSN8C7SETS5JtGw1zkUBeXF38fnSOpmyl2XvwmpkEaiflxA==
x-cache
LambdaGeneratedResponse from cloudfront
RegistroIDSyncHE
serverf5.idsyncmxedge.com/RegistroSyncHE-web/ Frame 6E62 		0
0
khaos.json
token.rubiconproject.com/ Frame 74EB 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
container.html
77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1819 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:40 GMT
expires
Sat, 04 Jan 2025 01:28:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame C565
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504522
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504522
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NAJEQNF2JQWJ2HEVSB5X

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Fri, 05 Jan 2024 01:28:42 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504522
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame A41A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=7386633197929965226&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=7386633197929965226&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RMHDD6775R9B5VGDQ48Z

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
1d7820f2-6c30-4e3b-bef6-ac441517b4cc
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:42 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=7386633197929965226&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame 3F4A
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
2d956eb7e6845e72d9f0507c7fbf612b68cad76e8d3b2f853bce9a4218835cfe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
518
Content-Type
text/html
Date
Fri, 05 Jan 2024 01:28:42 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
sync-iframe
cs-server-s2s.yellowblue.io/ Frame E61A 		469 B
919 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.202.106.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-106-54.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
257aff2c45cfc355aef43caf7e30e3cd8ab18960920935384d9c732afa46b0a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-length
469
content-type
text/html
date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
usync.js
eus.rubiconproject.com/ Frame 9254 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12341
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
envelope
lexicon.33across.com/v1/ Frame F936 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&src=aps&ver=1.3.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 05 Jan 2024 01:28:41 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rum
dsum-sec.casalemedia.com/ Frame 7785
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-tBDgfwlV_hvwp42xPpc4iaEdkY
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-tBDgfwlV_hvwp42xPpc4iaEdkY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=judZp1u2DUmKYhTAFgvXfw8ruAuGB5E2zPbS9stW1tWqfMAcH4o7J8GVmqiktC%2F7XkFLESMbef9Wcip9%2BkKiTDEfC6UjKF3cnjMHAW%2FClju49DNAEH0hyFPFCO72P5TWMe1HVkJyfcMFkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f230d84625a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-tBDgfwlV_hvwp42xPpc4iaEdkY
Date
Fri, 05 Jan 2024 01:28:42 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 7785
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZdbQAAMIjwI5QBH
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZdbQAAMIjwI5QBH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSl25pv4Wjg%2BD1UDpIMHPCbsisA9hxWcorLs4GcDM8hPGn8oCaluCwKqDqENVHd28rQITOGBlD0Oev2qWiIbiyUOVfPGTVCROEwOu9hAoEqy%2FOyZbEDi07o7sq18OS4zF3nR3xnNNmJdVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2309fb225a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-mia-kmia1760054-MIA
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704418122.293623,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZdbQAAMIjwI5QBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 7785
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7898252983751812422
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7898252983751812422
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCyAWPQWmTmv6Bh%2BvlVN5cRl%2Bs0FPlIE%2FYnK5yafqtIegujIbJMRyLXMybpNJ7aNvNvz7FIcXZ205gf7z2ysNhKmvkuixuOekhJcj5QuCmyvRN%2FWnJSlsOLR%2Ff9bEl2t7slTVKlI6HwC5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f231fb0325a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7898252983751812422
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
r.casalemedia.com/ Frame 7785
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
43 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73INBQ1m9MQFHTJD95MHaHCzTci8e4d99uPla90ilKsIdiJHaxKSLNdiwl7wMj6W8ZfgFr9l2FgkXcGBDOfEHH6pksXd6T6RsSLodeb%2BdH12fTAzR04aOY%2B1OnovVZrRzmNF"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2330c8e8dae-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:41 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 7785
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6066353311403014312&gdpr=0&gdpr_consent=
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6066353311403014312&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apTj1GlFmGe%2Fk5K07qAurLhTbIRHg3MHeRIhnRyZtDCFioZtcsvqUZFomOCjFf8J3JUdoPizh%2Bm1WbWV4Pp85Btt2f%2Bp1K0Po3jue%2Bps3sVVGBkggjqE48NKBx%2FpvJy4GdN%2Fx4TaqynjVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f232fd0325a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6066353311403014312&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:42 GMT
content-length
0
tp_out
d.adroll.com/cm/index/ Frame 7785 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:f86a:1dc2:9c08:7629 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 7785
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050728247349171
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050728247349171
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYyf30X5S5FjKTIFm1jUjogF%2FEFM5CP5SNOhTtLTw6QJ3itiTeIEtrSOtD8CGYu8vF5s2VugY3NElY3vGjNmkyO5bd1MQV%2FEtrTTgmwTh3CGx07yXVeIVPvtwYSU9scsuYOLJYhLlmWPqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f233ae0325a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050728247349171
Date
Fri, 05 Jan 2024 01:28:42 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 7785
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZdbPwCgEoqR40X4NR82pgAA%261641
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZdbPwCgEoqR40X4NR82pgAA%261641
43 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZdbPwCgEoqR40X4NR82pgAA%261641
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRXBZ4%2FIO%2BDIOBwHv7KiJ2DKRawb%2FwHz%2FL%2BUndIlYgB23ld9iI%2B3wNroerQtp9ARNQXem%2FrnMrXBgZkoy7u%2FYmhTyxOXurGsL0nCaKLNkCV3bWdPvPRyAITp%2B524N2kAQEv9UO%2BNmuCU5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2332d4d25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZdbPwCgEoqR40X4NR82pgAA%261641
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT, Fri, 05 Jan 2024 01:28:42 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 7785 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WCWDZSCZE8QDHEV7V2P1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://csync.loopme.me/?pubid=11555&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21511&id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21511&id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21511&id=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
date
Fri, 05 Jan 2024 01:28:42 GMT
server
_
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21496&id=c73598e4-19af-4225-ad41-0db5af961cdf&gdpr=0
date
Fri, 05 Jan 2024 01:28:42 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212429669350874
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212429669350874
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212429669350874
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=BUe8t8AGKClBFU9g5GxQ
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=BUe8t8AGKClBFU9g5GxQ
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
Content-Type
text/html; charset=utf-8
Location
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=BUe8t8AGKClBFU9g5GxQ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
98
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZZdbPwCgEoqR40X4NR82pgAA%261641
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZZdbPwCgEoqR40X4NR82pgAA%261641
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
15
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIvjSLJCalDM%2BsjiiXRwUMCzs2SDvoxtPlgv%2F%2FQ0o6zuRFcR3VZ7SNjtgdHG1v1P7Lapk1t9JjgLoKJV0sXL%2FgOxQAtfKaM2uhxejdiJP1GNKwbcRQQOaEGlvAOW%2FNNCymq0dhwovzbmeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZZdbPwCgEoqR40X4NR82pgAA%261641
cache-control
no-cache
cf-ray
8407f2323b8225a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=770043a8-af77-46db-9a99-c38ce904d888
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=770043a8-af77-46db-9a99-c38ce904d888
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-180
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=770043a8-af77-46db-9a99-c38ce904d888
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=b92d9acc-1898-4487-959a-a4caca37df9b
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=b92d9acc-1898-4487-959a-a4caca37df9b
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
Server
nginx
Location
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=b92d9acc-1898-4487-959a-a4caca37df9b
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=A0864502-06A0-4ED8-A79E-7CD263E71299
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=A0864502-06A0-4ED8-A79E-7CD263E71299
date
Fri, 05 Jan 2024 01:28:41 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=df249810-332b-4610-9690-e25e6d3e931b
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=df249810-332b-4610-9690-e25e6d3e931b
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Fri, 05 Jan 2024 01:28:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=df249810-332b-4610-9690-e25e6d3e931b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=6066353311403014312&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=6066353311403014312&gdpr=0&gdpr_consent=
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=6066353311403014312&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:41 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=H8B4hBZHEQ_m7NwFTi24NL7-
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=H8B4hBZHEQ_m7NwFTi24NL7-
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Fri, 05 Jan 2024 01:28:42 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=H8B4hBZHEQ_m7NwFTi24NL7-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3686&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21517&id=8cde5c648fe156140db5378baffff1b&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21517&id=8cde5c648fe156140db5378baffff1b&gdpr_consent=&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.minutemedia-prebid.com/cs?aid=21517&id=8cde5c648fe156140db5378baffff1b&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1704418122609004-141
bidswitch
sync-dmp.mobtrakk.com/match/ Frame BAB2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=minutemedia&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=minutemedia&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
5.161.188.99 Ashburn, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.99.188.161.5.clients.your-server.de
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
43
content-type
image/gif

Redirect headers

Location
//sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=minutemedia&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=VEIznffDDzf1nB7iTMI_&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=VEIznffDDzf1nB7iTMI_&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=VEIznffDDzf1nB7iTMI_&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cache-control
no-store
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=59e9df5d-c912-4e7b-b753-fe5a89a9761c
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=59e9df5d-c912-4e7b-b753-fe5a89a9761c
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
//cs.minutemedia-prebid.com/cs?aid=21503&id=59e9df5d-c912-4e7b-b753-fe5a89a9761c
date
Fri, 05 Jan 2024 01:28:42 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID...
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=K5XH98XlPE9c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=K5XH98XlPE9c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=K5XH98XlPE9c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=2687056411155449827788
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=2687056411155449827788
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=2687056411155449827788
date
Fri, 05 Jan 2024 01:28:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=7386633197929965226
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=7386633197929965226
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
an-x-request-uuid
e4b8772b-6c4e-4659-9ff2-ee06263aa598
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=c4fec229-13ee-5305-99c3-5f50fc540415
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=c4fec229-13ee-5305-99c3-5f50fc540415
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=c4fec229-13ee-5305-99c3-5f50fc540415
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=7672802496
  • https://sync.1rx.io/usersync/stackadapt/0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-1b1c05a4-a7cb-4073-8559-93f6a89d1...
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
date
Fri, 05 Jan 2024 01:28:42 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1b1c05a4a7cb4073855993f6a89d18e6005
content-type
text/html
cs
cs.minutemedia-prebid.com/ Frame BAB2
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=f85811dc81870e1d6389bcf2be3bdfa4
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=f85811dc81870e1d6389bcf2be3bdfa4
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=f85811dc81870e1d6389bcf2be3bdfa4
x-kong-upstream-latency
3
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame BAB2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=minutemedia.com&id=cohMx3P-Cp_mm
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N8KDTEWNG6TKFN0ZJE3W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
jsync
aggle.net/ Frame F936 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aggle.net/jsync?pid=NEQ7KDHP5&domain=www.staradvertiser.com&pih1=&pih2=&pih3=&hadron_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y&tradedesk_id=%257B%2522TDID%2522%253A%2522736096f3-a33b-4e74-a900-147a47dba0f3%2522%252C%2522TDID_LOOKUP%2522%253A%2522TRUE%2522%252C%2522TDID_CREATED_AT%2522%253A%25222023-12-05T01%253A28%253A31%2522%257D
Requested by
Host: aggle.net
URL: https://aggle.net/js?pid=NEQ7KDHP5&domain=www.staradvertiser.com&pih1=&pih2=&pih3=&hadron_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y&tradedesk_id=%257B%2522TDID%2522%253A%2522736096f3-a33b-4e74-a900-147a47dba0f3%2522%252C%2522TDID_LOOKUP%2522%253A%2522TRUE%2522%252C%2522TDID_CREATED_AT%2522%253A%25222023-12-05T01%253A28%253A31%2522%257D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.179.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a938864f9581ea3da.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
1c17d0c5b7fc2f2ab1472e2fa2d5cbfec7e927707de9583b5454a3b1b075152a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 05 Jan 2024 01:28:43 GMT
date
Fri, 05 Jan 2024 01:28:42 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
gunicorn
content-length
1121
p3p
CP="NOI OUR BUS UNI COM NAV"
match
events-ssc.33across.com/ Frame DC10 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 05 Jan 2024 01:28:42 GMT
via
1.1 google
/
bpi.rtactivate.com/tag/ Frame 9447 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.25.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-25-103.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
52164
i6.liadm.com/s/ Frame 9447
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A0864502-06A0-4ED8-A79E-7CD263E71299
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7898252983751812422
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=0e521442-191b-476e-bd4b-7f1dc324ebc5
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=liveintent&ssp_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-b_TzuFpE2pkUz94wCbmugmxYK_20IX7Yw79exA--~A&expires=5&ssp=liveintent
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:9eb9:354c:5ca7:7a69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:43 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
qmap
sync.crwdcntrl.net/ Frame 9447 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.6.45
content-length
49
expires
0
/
io.narrative.io/ Frame 9447
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
  • https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
34.233.109.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-109-59.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:42 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
Date
Fri, 05 Jan 2024 01:28:42 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
/
bpi.rtactivate.com/tag/ Frame D868 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.25.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-25-103.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
52164
i.liadm.com/s/ Frame D868
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A0864502-06A0-4ED8-A79E-7CD263E71299
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0ja2yWerNoMaybDDx98yvvCxluwadSIzfOoYOg
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-0ja2yWerNoMaybDDx98yvvCxluwadSIzfOoYOg
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=0e521442-191b-476e-bd4b-7f1dc324ebc5
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=liveintent&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=liveintent&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
52.202.180.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-180-1.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:43 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame D868 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.54.121
content-length
49
expires
0
/
io.narrative.io/ Frame D868
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
  • https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
34.233.109.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-109-59.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:42 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
Date
Fri, 05 Jan 2024 01:28:42 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
match
events-ssc.33across.com/ Frame BA6C 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 05 Jan 2024 01:28:42 GMT
via
1.1 google
/
bpi.rtactivate.com/tag/ Frame 8C23 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.25.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-25-103.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
52164
i.liadm.com/s/ Frame 8C23
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A0864502-06A0-4ED8-A79E-7CD263E71299
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7898252983751812422
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=0e521442-191b-476e-bd4b-7f1dc324ebc5
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=liveintent&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=liveintent&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
52.202.180.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-180-1.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:43 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame 8C23 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.105
content-length
49
expires
0
/
io.narrative.io/ Frame 8C23
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
  • https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
34.233.109.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-109-59.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:42 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=c2fd9ae0-ab69-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:A0864502-06A0-4ED8-A79E-7CD263E71299
Date
Fri, 05 Jan 2024 01:28:42 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
match
events-ssc.33across.com/ Frame 10E8 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 05 Jan 2024 01:28:42 GMT
via
1.1 google
um
u-iad04.e-planning.net/ Frame 78D3 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=486214773fce3e9d&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:42 GMT
server
openresty
um
u-iad04.e-planning.net/ Frame B3A3 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=486214773fce3e9d&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D486214773fce3e9d%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:42 GMT
server
openresty
pixel;r=229390222;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F;ref=...
pixel.quantserve.com/ Frame F936 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=229390222;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F;ref=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F;uht=2;fpan=1;fpa=P0-1425143951-1704418119885;pbc=95d1454d-e53e-46b3-b4de-3341491a2a03;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;us_privacy=1---;d=staradvertiser.com;dst=0;et=1704418121428;tzo=600;ogl=;ses=51a77186-ee71-4ec1-b05e-e86db61da2ed;mdl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
fpc
at.teads.tv/ 		56 B
246 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_12522&tfpvi=YWM5NGJkNjktOWNmMy00NjY3LTgzYjctMmRiYTVjZDVmOGVlIy01MA%3D%3D&gdpr_status=21&gdpr_reason=240&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
482ff70e23751f4782171625b8f6342bc6c41382586633929a4b34360afe3a3a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
56
expires
Fri, 05 Jan 2024 01:28:42 GMT
ecm3
s.amazon-adsystem.com/ Frame 2638
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2687056411155449827788
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2687056411155449827788
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-minuteMedia_rx_n-MediaNet_cnv_n-smaato_n-onetag_n-simpli.fi_n-baidu_an-db5_sovrn_n-Rise_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PKKWZR7Q44JVZM0W6SMM

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:42 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2687056411155449827788
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
bid
ap.lijit.com/rtb/ 		23 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
7b666d5b5b9cbdf66f870c67c46aac8ae6c47da8f8d224b044c89d6528404c28

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 05 Jan 2024 01:28:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
trinity.json
apex.go.sonobi.com/ 		94 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2241b4cf678be82c%22%3A%225ada8bc6024f756e9ec4%7C300x250%7Cgpid%3D%2F281191609%2C5136785%2Fcityspark_oahu%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&s=1c1d69cf-8613-4e59-a87c-203cf854b8eb&pv=5bd3ffba-180a-437c-bd5b-ceb7a4308e8e&vp=desktop&lib_name=prebid&lib_v=7.13.0-pre&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F%22%2C%22domain%22%3A%22staradvertiser.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%7D%2C%22keywords%22%3A%22Nationalnews%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=1&gdpr=false&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200049%22%2C%22hp%22%3A1%7D%5D%7D&us_privacy=1---&coppa=0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
147a0ddeaa33d81d7810b7cf5c80e3ec27cc324232f6afcccdcb4d274c0474b0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-180
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
119
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pubmatic
s.seedtag.com/cs/cookiesync/ Frame BA89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 05 Jan 2024 01:28:42 GMT
server
openresty
via
1.1 google
p
a.audrte.com/ Frame A54C
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MTQ3OG5iZm1peENRWENwcjVUcmdocGVGQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5394353749448417114&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
52.17.153.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-153-143.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:43 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 05 Jan 2024 01:28:43 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
g.pixel
aa.agkn.com/adscores/ Frame A54C 		43 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-110.iad89.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
via
1.1 55b6418a8a2f714a67d8e4d292154ef2.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD89-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
QuJdZuvlISkkAfADibzYhpEGEFcZ3wqNAuVInvx4WaXPL-UVMYFRKA==
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame A54C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A0864502-06A0-4ED8-A79E-7CD263E71299&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A0864502-06A0-4ED8-A79E-7CD263E71299&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A0864502-06A0-4ED8-A79E-7CD263E71299&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
Frontend-ID
14
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
Frontend-ID
0
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=A0864502-06A0-4ED8-A79E-7CD263E71299&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
match
ps.eyeota.net/ Frame A54C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=b9ea21a0003f74ba
  • https://ps.eyeota.net/pixel/bounce/?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=b9ea21a0003f74ba
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkVMRWdrY0ZweDE4RFo1VXJIUUp3S3JldFVwVm5ZN3pYc05na2FfVHlqUTA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEHzg1LlU6D52YjScVjTunlU&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEHzg1LlU6D52YjScVjTunlU&google_cver=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
18.214.54.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-215.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:44 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEHzg1LlU6D52YjScVjTunlU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 74EB
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr_consent=undefined&gdpr=0&khaos=LQZYJ7Y5-28-J2H9
  • https://s.amazon-adsystem.com/ecm3?id=LQZYJ7Y5-28-J2H9&ex=d-rubiconproject.com&status=ok&gdpr=0&gdpr_consent=undefined
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQZYJ7Y5-28-J2H9&ex=d-rubiconproject.com&status=ok&gdpr=0&gdpr_consent=undefined
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_rx_ox-db5_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_rbd_ppt_n-baidu_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B9WK8HA03ZAW1T4HHYNV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQZYJ7Y5-28-J2H9&ex=d-rubiconproject.com&status=ok&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
usync.html
eus.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:42 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame F97B 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
p-31c577a7.system.js
tags.qortex.ai/cxo/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/cxo/p-31c577a7.system.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a87dab54792ca3697212f10ca3a1504a38c2c6d609612d0e3954824d2726a172

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
82
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvJLyFG%2FrLRpHFc3xpRrQEvr%2BAVHnN30en3xG6tgnjwG98IDaOVI56ETs1nF66bBKSvZhycqLtkff%2FXgcaCiBoTx0WXnDvHrZYcW%2B0iOeyQBx3JYahS%2FphRcrZUd6cegtin7WNuoz8VxDeFr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8407f2324dd5b3d4-MIA
cksync.php
contextual.media.net/ Frame E61A 		57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.39.176.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-176-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 05 Jan 2024 01:28:42 GMT
ecm3
s.amazon-adsystem.com/ Frame E61A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=fo4ME3P-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
515M0CEN9RY46PS9QT7D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3D18 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:42 GMT
Expires
0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame FD21 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:42 GMT
Expires
0
Pragma
no-cache
ecm3
s.amazon-adsystem.com/ Frame 3F4A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=H8B4hBZHEQ_m7NwFTi24NL7-&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RGGYRK46ZJ0HEGB936EP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 3F4A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1813050728247349171&expires=30&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 05 Jan 2024 01:28:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
sync.springserve.com/ Frame 3F4A
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcs.krushmedia.com%2F7fd23a3f0217f27d6c9750c140876344.gif%3Fpuid%3D%24UID&uid=$UID
  • https://cs.krushmedia.com/7fd23a3f0217f27d6c9750c140876344.gif?puid=2687056411155449827788
  • https://sync.springserve.com/usersync?aid=1917&uuid=1fdb5d7b-30c9-5cb8-86d4-8c47a7462608
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1917&uuid=1fdb5d7b-30c9-5cb8-86d4-8c47a7462608
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
54.82.127.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-127-194.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 05 Jan 2024 01:28:43 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:43 GMT
Server
nginx
Location
https://sync.springserve.com/usersync?aid=1917&uuid=1fdb5d7b-30c9-5cb8-86d4-8c47a7462608
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
merge
ce.lijit.com/ Frame 3F4A
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LQZYJ7Y5-28-J2H9&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LQZYJ7Y5-28-J2H9&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LQZYJ7Y5-28-J2H9&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7c5d24517ee193cc868994bc18883d1d
Expires
0
merge
ce.lijit.com/ Frame 3F4A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7386633197929965226&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7386633197929965226&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:42 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
an-x-request-uuid
3b4f49b4-b278-4c98-b1c8-1d53cd188a5f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=7386633197929965226&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 3F4A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:42 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame F936 		190 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:16::820 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Fri, 05 Jan 2024 01:58:42 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame F936 		33 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
46ef3055ed7566a5b8013ec144510f85a5920cc90de197ac8b0a2329dd86d9b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
579.json
id5-sync.com/g/v2/ Frame F936 		625 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a386b95ee6408be91dc821b3afcce5a1926add413d8d1a16a03b082f8228e3ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1819 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com
URL: https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 16:40:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
31708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Jan 2025 16:40:14 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1819 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com
URL: https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70c7d95a58fd161e6dfb066e3a5ef80254e7beceb438079891c490ea5e52a6dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51179
x-xss-protection
0
server
cafe
etag
3089854415343550821
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:28:42 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1819 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com
URL: https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:28:42 GMT
/
onetag-sys.com/usync/ Frame C645 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
khaos.json
token.rubiconproject.com/ Frame 9658 		7 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
um
u-iad04.e-planning.net/ Frame 4012 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?uid=A2580877537250048855&dc=eba3ecb667ab30ab&fi=486214773fce3e9d
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D486214773fce3e9d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:42 GMT
server
openresty
usync.js
eus.rubiconproject.com/ Frame 57E2 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12341
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
event_collector
pdp-service.retargetly.com/ Frame CF76 		100 B
398 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pdp-service.retargetly.com/event_collector
Requested by
Host: pdp-cdn.retargetly.com
URL: https://pdp-cdn.retargetly.com/t2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20497d7aaf1ef817b72baaa8ff9c94dc65ed722c67abb916940bd3173155baf4

Request headers

Referer
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
content-encoding
gzip
request_id
c3516aaa-ab69-11ee-94db-0e015e47f2a7
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ads.us.e-planning.net
access-control-allow-credentials
true
cf-ray
8407f235cab19aef-MIA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
event_collector
pdp-service.retargetly.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pdp-service.retargetly.com/event_collector
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ads.us.e-planning.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f23559c79aef-MIA
content-length
0
date
Fri, 05 Jan 2024 01:28:43 GMT
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
khaos.json
token.rubiconproject.com/ Frame 9254 		7 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 9658 		0
0
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame F936 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-29-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Fri, 05 Jan 2024 01:43:43 GMT
cs
a.usbrowserspeed.com/ Frame F936 		0
0
p-cb52e3b0.system.entry.js
tags.qortex.ai/cxo/ 		553 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/cxo/p-cb52e3b0.system.entry.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4da325f33603cea1c0fb888724333710a30f485bd6bacd5bb5c3cf094c1048f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
101
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5g10qxh3BN%2BzNpr00ZLdlgBGwXsw%2B8cGlQwpwYbcDx5SM9pkOcXfRRdESZwaPX6CK0sAZWMY4HXmkksXYw8ecWJA3%2BflWeCGEGZLdVjiterJH7QWNVpCfU6qwWFbQPRb3BWoKEETceKb1CE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8407f2355c4fb3d4-MIA
usersync
usersync.gumgum.com/ Frame 9254
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&khaos=LQZYJ7Y5-28-J2H9
  • https://usersync.gumgum.com/usersync?b=mag&i=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
v3
id5-sync.com/gm/ Frame F936 		693 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
02bf6a6045ffac6827063d23b3059371f0266e9b5a1a58886f3ce481014fdbf0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 1819 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1GvoykV8nxSuuxh0z1sJpdlzt6VSkTbB93XmJYTMZiMtHN7Kqh_Tevh6Tq0pHizgFBzTWLKi_IhcETK8ZPp2HuA6pmKod0Kvbv9WF3qqVYsFrnG99wf2uKFjskxdY1eCwbd3g80L-1zi7Cyir00iz_fGsosB4rOc0WkGBNQoLWSZ5aFI-_c6SBZ2I4E6MJe54pWYZMaM3pQhGOfO_C0FShAqu3-AZsLbLMf8Cff6BCXHSk76yRZn-1W38DjnSB_e-Cjy78q5TFgjCwZPFkXDRYdH0TM6N8XSflH7N66gsqMmBFLBiKJtCVCPwqLVdsg8By8VC5XUdCtQpfiWDE4hIULLxPm8GuuotaF4ee_22oDKBJHkMPoCTor0NGz5XwWeq5YqvBEg&sai=AMfl-YR53dLsnkYa_wowPHzluozTUcnif3UIPavIAK7RhBsKmuiLe1EBPBNYQaO7Rtj6LkKtgJMDrCbO2EUc0_R30fxDtzkE29nWkqKf0Rt25kx1Ff2Ba4PofEZl2CH7UI0&sig=Cg0ArKJSzKf0djL4d67qEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com
URL: https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame CF76 		155 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-85.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 04 Jan 2024 09:12:50 GMT
via
1.1 d835a04e842d9117fd810e7c8479dad4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P2
age
58554
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
ykBbtyRooNM_k1cGenx9XypPv_t31j8edAEkCo3WKiG1-H-MpwDkKQ==
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ Frame 1819 		403 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9707143eaf52236d85e9d73c54997660619dedc90300315e2a2b019e84d4f6a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139389
x-xss-protection
0
server
cafe
etag
7083347955003966614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:28:43 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/ Frame B283 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
12319
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 22:03:24 GMT
etag
9219409622527106327
expires
Thu, 18 Jan 2024 22:03:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 57E2 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=staradvertiser.com&p=%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&u=BZrUvzDXMdnwBwzJOh&d=staradvertiser.com&g=48334&g0=Top%20News&g1=Associated%20Press&n=1&f=00001&c=0.25&x=0&m=0&y=6503&o=1600&w=1200&j=30&R=1&W=0&I=0&E=4&e=4&r=&PA=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&b=4669&t=Cg_P3IDv3fU9CFNua1BncpGVBUIYri&V=143&tz=600&_acct=anon&sn=2&sv=6wmX1DMZZK2CtCFufCc_GvkDC00Po&sr=external&sd=1&im=067b0fff&_
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.113.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-113-238.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:43 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
setuid
u.4dex.io/ Frame 8DDB 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:43 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
SPug
simage4.pubmatic.com/AdServer/ Frame 3ADB 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=95054&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fb9e8126a-a546-48ae-9dc7-dd9b2e497b11%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
truncated
/ Frame 1819 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b0f896395d38242a3908fca302d7b5fbaf581bab53d8745917eb4db8b33a426

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
data
bcp.crwdcntrl.net/6/ Frame CF76 		259 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6f91e9965607c5111d66683111171779ae0c2efdeecf66d3491bfb5f618d2e89

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.40.49.212
access-control-allow-credentials
true
content-length
259
expires
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2393a8f7449-MIA
date
Fri, 05 Jan 2024 01:28:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYzoxjRXoHDo0ufKYM6zmH3otjq4015v4KH8YmBK2SX36%2FaMLsB%2BHt3WaRVkUCzsD2tiE4J6bUqP0UJTiTML3Dv6qIAEV1umB6Vb%2B%2Bu82F3NEGOTvXNpNGgSSrag8IkUO04ccBVfbm%2BvC66Ml5c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZFvFFvRHH5hFrAhHNU0sCPfrNQ7mmQO6qW%2F3PjtAR%2FB1jUqKksfmkj4sraFK%2FGs9jGPG0B15u08BYa6pmOc1aVoUGZ%2FvMGhisG6SMORj9K1ebZkqYLZ91AD6EKokzUKHtW%2BsnKDc5iyfoR7jIw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f239ab977449-MIA
content-length
0
staradvertiser.com
demand.qortex.ai/api/v1/group/configs/stn-13479/ 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/group/configs/stn-13479/staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9064c229e377007ce5c9dae66f0c8c24c9b0dda2606feaccc10f0e72b1bfa77e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKZj1L%2F%2BOfIJ%2F9re7L1H0qiqQaYRG1uVDGSQKWzXYi6RGyxjSxOWvs14E%2FMUld9zXn51moiEZK2kLz4MxZFr1QUMeqzpoudzSNzd%2B%2FlFZBxJh55oN0ymLv%2BsFlzMXy%2B3J3oeloXfbbiBkPEym%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8407f2393a937449-MIA
cms-2c-rubicon.html
cti.w55c.net/ct/ Frame 7BAA 		52 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:f800:3:4706:a6c0:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecb740996ce05e9b7823c9690564a0d7b3840becad640d37e929cd4f4ee1cdf4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eus.rubiconproject.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
98355
cache-control
must-revalidate
content-encoding
gzip
content-type
text/html
date
Wed, 03 Jan 2024 22:09:30 GMT
etag
W/"7549d51888f0142460ac70be66758bc9"
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 03efa14de61e5d90be5300eba235f560.cloudfront.net (CloudFront)
x-amz-cf-id
Ck3OSRDDJD6htgUeI8xhGevZV8XDS0IBQQQE897Plh8ud9_uawpGtg==
x-amz-cf-pop
IAD79-C3
x-amz-replication-status
COMPLETED
x-amz-version-id
eM8rKv5bLrMqGrCvH619GCOhuiLqCbex
x-cache
Hit from cloudfront
cs
cs.minutemedia-prebid.com/ Frame 57E2
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined&us_privacy=1---
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
player-event
events.qortex.ai/api/v1/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvokHxObAQFH3%2FXWGJG8zVTj5qGNWElnBADlywRSg%2FK4HopG28U6XVo%2FUJ6hS%2Fvm3Tv4kiEU2uMNFOg0rzPv3Q7EuMY2vfP4byl45wJQJsn%2B5HFXeKI3O6pSBOFB0AGKS8GLS56ph%2Bieta35XUw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f239ab9a7449-MIA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2393a967449-MIA
date
Fri, 05 Jan 2024 01:28:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fp2LKb9xMJTqz866hU4izIsBQIHDd%2FHF70hVuCV%2BkknIZKJ2gJGyd1dtYUYKyFWP6%2F4wMbhwqCflbs8g25pm42cENbFKPYm7xOTNivC%2BUCDmWIFfUS6gUO8q6W732bOn9Z5PTx6j2hxzPJuafI0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame E79E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-85.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
80511
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 04 Jan 2024 03:06:53 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 bdf2aab533e801e16a7a135842a2ee18.cloudfront.net (CloudFront)
x-amz-cf-id
VTDwqFXYcGIyQKmM1iT3DzqZflgPu4-dxxhQ0QYo1R1910_k4P8D1Q==
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161089/5500/ 		212 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161089/5500/pwt.js
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4dcf78b31f69c1674cb5a75cd5fd5744538b50eaf34076396d9cf54acebee6e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:43:34 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=46253
accept-ranges
bytes
content-length
65407
expires
Fri, 05 Jan 2024 14:19:36 GMT
player-event
events.qortex.ai/api/v1/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzcwkGW4EJ47HDPKu%2B%2BSefVDAcgGFMfiP3RIdKhdWDk3Cgi3woyvz8xvk8toJcIvyiVb5IdnviVLWHv%2FsYIVCI2id5rQGqv3EbtL6BNeJCoUVGiKvVHOEdCnbbbyPqIis4hDo%2F30HlBDwbiNPx4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f23a9d597449-MIA
content-length
0
user-sync
sync.adkernel.com/ Frame 4C91 		957 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=176101&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.staradvertiser.com%7C%7BUID%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
7eca8f3a178b262cec9619ab601c30fd9eadd270939ea066a5a22c93a2aa7b6a

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
957
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Jan 2024 01:28:44 GMT
Server
nginx
player-event
events.qortex.ai/api/v1/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyBXxS46ETjVYFnp%2BFkL7xghF%2B5KRAtAdsAxUOSBetocLs3aS9hS2lyloHQbcGbIhiE2utQyuSNLslTn7aE6pMk%2B1%2BnZpsqRwEZRGsmKV0Y275hDV5Jzsw4J7fMlqp0qSsvtDrgI0tQA4iroZCE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f23a9d5d7449-MIA
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1819 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2-fCkAMMxPReDUcqA1Dr7PcILedE_R-FIb99U8nSjxJIim1DQED9bvWXyvZkLqcvi4Uh1nQPNvWFT4Msb1ZgOFKnKgAgt9pHEQf0P2S39eiwDc0N7RvClEKOBh__dxR7RVS_Y4Z9ErWkamM14m7F3CmPBiVK-9l0gg7CuQKpHcKnfiKOm94NQoT7N1ZLwL6HSno8glGdXYAgdCy8iwSpOt5hS45GwZs2mjPRUk93rkkMRiaeEVGLC7MSNG6YF777jcDkavF3MTd-2yJ5utLp3OUuvfPGXCpsWNHQCFu6GdtrNNxiL2xZKCo8Q2KeqYJjGK5VLv9i6ZwWGGOy_FkPCHsWgJSxT0Blcox-R3uMP7fBFkMi7Qa6xnoV13DCmNV8OTObaqElZEw&sai=AMfl-YS3CvOoG8iWgVsk-TZoYYIE2dUC6Od2cSpfzuLC90NjNqTdUNlwc3j7eG1G8d2HrKA16krzERmVtpObfLjLsAH4IiBVcNC2ZudSQN9yl9Dh2-rOQeLwZ-sBOCVhPis&sig=Cg0ArKJSzI8FYigksKNOEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 05 Jan 2024 01:28:44 GMT
32202822055745462659705d2b64346.47145170-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		949 KB
950 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/32202822055745462659705d2b64346.47145170-00002.ts
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0d8cf0634af4ad0abaef1d597a7db715016a897629445fda9e44710a5434f3a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:00:51 GMT
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
19672
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
971396
last-modified
Thu, 04 Jan 2024 19:24:44 GMT
server
AmazonS3
etag
"421083fb814eb21c563845cdfa08cdeb"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
1lCQ84O9jSjl6_grV6d8IBtk046mLIgK0i5RP6onpAec_jx2bhjPfQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 57E2 		43 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=54&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2269:2e00:1b:6b7d:2300:93a1 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:43 GMT
via
1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
lBegAC_0pV2qnLksQLAZi-hIovI226J_DZmsXHlx_54hvCE4AnvcPQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://tg.socdm.com/rtb/sync?proto=rubicon&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZZdbScCo8YIAALvpxfgAAAAA
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZZdbScCo8YIAALvpxfgAAAAA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Fri, 05 Jan 2024 01:28:43 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=rubicon&gdpr=0&us_privacy=1---","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.70","key":"ZZdbScCo8YIAALvpxfgAAAAA","privacy_sensitive":false,"uid":"ZZdbScCo8YIAALvpxfgAAAAA","upstream_id":"m-ad1023"}
X-SO-Key
ZZdbScCo8YIAALvpxfgAAAAA
X-SO-Upstream-ID
m-ad1023
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad1023.dc4p.scaleout.jp
X-SO-UID
ZZdbScCo8YIAALvpxfgAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
38.132.118.70
X-SO-Cluster-ID
0
Server
nginx
Location
https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZZdbScCo8YIAALvpxfgAAAAA
Cache-Control
private
X-SO-Ads-Time
2
X-SO-LB-Hostname
m-tgng30.dc4p.scaleout.jp
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://um4.eqads.com/um/rc?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=08086e4a-a446-4039-9081-3354ed5f7a34&expires=30
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=08086e4a-a446-4039-9081-3354ed5f7a34&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=08086e4a-a446-4039-9081-3354ed5f7a34&expires=30
date
Fri, 05 Jan 2024 01:28:43 GMT
cache-control
no-cache
content-length
0
expires
0
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://sid.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=e70a7824-89af-41a5-a56b-06996c8ccf7d
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=e70a7824-89af-41a5-a56b-06996c8ccf7d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=e70a7824-89af-41a5-a56b-06996c8ccf7d
date
Fri, 05 Jan 2024 01:28:43 GMT
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=6066353311403014312
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=6066353311403014312
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=6066353311403014312
date
Fri, 05 Jan 2024 01:28:43 GMT
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=64&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1813050728247349171&expires=30
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1813050728247349171&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1813050728247349171&expires=30
Date
Fri, 05 Jan 2024 01:28:43 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=4&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ads-user-sync
www.tumblr.com/ Frame 57E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smaato&gdpr=0&us_privacy=1---
  • https://s.ad.smaato.net/c/?dspId=1001989&dspCookie=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
  • https://www.tumblr.com/ads-user-sync?partner=smaato&uid=44e38e5e65&gdpr=0&gdpr_consent=
70 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tumblr.com/ads-user-sync?partner=smaato&uid=44e38e5e65&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
192.0.77.40 San Francisco, United States, ASN (),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-Yck2aS6k4awCdjbpq4ZU21RWaY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
mia 1
date
Fri, 05 Jan 2024 01:28:44 GMT
content-security-policy
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-Yck2aS6k4awCdjbpq4ZU21RWaY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports;
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; preload
x-frame-options
deny
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
content-type
image/png
x-rid
d35c3a0ed2521fcd845120f87f04601e
content-length
70
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1

Redirect headers

date
Fri, 05 Jan 2024 01:28:44 GMT
via
1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
location
https://www.tumblr.com/ads-user-sync?partner=smaato&uid=44e38e5e65&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
LrUskiHBoMbZfswscvFy5IKfpmTc0u3TrP81AxZyWdgFjfrl4WMh1Q==
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncRubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31930&nid=2966&put=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11&expires=1825
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31930&nid=2966&put=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11&expires=1825
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=31930&nid=2966&put=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11&expires=1825
date
Fri, 05 Jan 2024 01:28:43 GMT
content-type
text/plain
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://dmp.brand-display.com/cm/api/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3ad06018-d1ed-a766-3562c7cc
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3ad06018-d1ed-a766-3562c7cc
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 05 Jan 2024 01:28:44 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3ad06018-d1ed-a766-3562c7cc
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://sync.adotmob.com/cookie/rubicon?r=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D123034%26nid%3D3956%26put%3D%7Buser_token%7D&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=0a00220400cfc8e2c37e0815&expires=1&gdpr=0
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=0a00220400cfc8e2c37e0815&expires=1&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=0a00220400cfc8e2c37e0815&expires=1&gdpr=0
date
Fri, 05 Jan 2024 01:28:44 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://rcp.c.appier.net/rbcm?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=KFJ8PyxrAC6Nv899R1uXZQ&expires=365
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=KFJ8PyxrAC6Nv899R1uXZQ&expires=365
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 05 Jan 2024 01:28:44 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=KFJ8PyxrAC6Nv899R1uXZQ&expires=365
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
131
token
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/rb.gif?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=a6cf1cbc-4036-4199-86d7-bf338a8581fc&expires=365&next=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Drubi...
  • https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=rubicon&inventory_source=0
  • https://pixel.rubiconproject.com/token?pid=49038&puid=a6cf1cbc-4036-4199-86d7-bf338a8581fc
0
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=49038&puid=a6cf1cbc-4036-4199-86d7-bf338a8581fc
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/token?pid=49038&puid=a6cf1cbc-4036-4199-86d7-bf338a8581fc
Date
Fri, 05 Jan 2024 01:28:44 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=wEAGKYle1Rlz0J5&expires=30&gdpr=0&us_privacy=1---
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=wEAGKYle1Rlz0J5&expires=30&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0d750058cf9bb9763@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=wEAGKYle1Rlz0J5&expires=30&gdpr=0&us_privacy=1---
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 57E2
Redirect Chain
  • https://s.company-target.com/s/rp?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 05 Jan 2024 01:28:43 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.rubiconproject.com
location
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
ads
googleads.g.doubleclick.net/pagead/ Frame C637 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
6c4cef8864c05593c811075155354b213dc7ebb1f5e63fc0326a228bd6fa2105
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16795
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:44 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1819 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240104&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8dae7c3dad25611fa04cb5fa1071b678ef2250f913fa31ab8cd20e044bc331ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12244
x-xss-protection
0
player-event
events.qortex.ai/api/v1/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7%2FibSUPAqBmBTgStIhAbTN%2Fk8cpzu5ti6kZq%2FLjTHSHzi66gEtLNPGxtEyfBYrx7iv4124S1C3dHd9DWUufk9zfIbrslSjRo%2Bq6d3ZhnQxQEC9QZOB6CaRHyIzqTwkgupURxYISZJ7%2FSyHkTH0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f23b6ee97449-MIA
content-length
0
player-event
events.qortex.ai/api/v1/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOJteqsqEALu6RDTAWEWer3gt5RnmLlBZtnugCddoU9M4v30VETSA%2Fk5Wp4gHskEBFEnGdVQeAVfy81KRZMow5SVBK2j5TG621CZ0kg0xp7WA5F8w2hgguJOq5Hs9BZEoUe3fIWHeJu6EP2D%2FQ8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f23b6eec7449-MIA
content-length
0
match
events-ssc.33across.com/ Frame 4207 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 05 Jan 2024 01:28:44 GMT
via
1.1 google
match
events-ssc.33across.com/ Frame C9D0 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 05 Jan 2024 01:28:44 GMT
via
1.1 google
match
events-ssc.33across.com/ Frame CF6C 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 05 Jan 2024 01:28:44 GMT
via
1.1 google
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2454078064861757&correlator=2671442829292071&eid=31077976%2C31080198%2C31079723&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=281191609%3A5136785%2Ccityspark_oahu&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=12&didk=564184613&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd5d9bc13cd177aaf%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_MZ4BZolVYIVHU4en5ncGzXTq6T5rg&gpic=UID%3D00000db0f4ed2e2f%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_Masyh_oFPy02WMRXLg2ivGrwvOkVA&abxe=1&dt=1704418124055&lmt=1704418124&adxs=1024&adys=2065&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=c&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=495654607.1704418108&ga_sid=1704418108&ga_hid=66608816&ga_fc=true&dlt=1704418103961&idt=3595&prev_scp=frstlk%3Dtrue&cust_params=pagetype%3Dnational-news%252Ctop-news%252Cros%26hi_site%3DHSA%26site%3Dstaradvertiser.com&adks=1413280974&frm=20
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8777344a99637e24d7cc113966d881a606c442420b686a2c24405094105d454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13167
x-xss-protection
0
google-lineitem-id
6308504833
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138437589352
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f239ec0c7449-MIA
date
Fri, 05 Jan 2024 01:28:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmBPRUuu8%2FTcZRzOQW1sLIyekwxRkMgeuarprhXUaiWTy8GqqDI69SZjqgILZB4ordMiI2pV7NBiRGil3zkGfRnatfm5H0TWBVJxta9TPqDvs1l7D0H2tT6xEHHOmhg70I7vXzuGhlgz1tWf9ro%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f23a1c657449-MIA
date
Fri, 05 Jan 2024 01:28:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5QFnvKvvzp8M%2FRUnR6%2BKV8Ug4ZvF7jvPBsYEQsk3L1lq4cTGCKsjZhMDuKcfKJa2ow%2BntjxzMoxYBpKzYCWIJpqLC%2BIpieLDMJdDLYCF8QnvID%2Byukm%2BxfXIBFP8IprXCkd4WTDczjRU%2BIIUIM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f23abdbb7449-MIA
date
Fri, 05 Jan 2024 01:28:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYPBGh3k%2FlSC96VAf94M%2BwlB%2B5KmvYBdZyi3y2aGqjMXEwd%2BLlOSK%2BE%2BbjXhmu4ywbYoU0qEYdwkx0Evg2qmDtwxC6qTfgOiy1SfiqH0lnktuG2r55TZKeVqqjwDw1KPhTktf3NsslpklNqMnUc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f23acdc87449-MIA
date
Fri, 05 Jan 2024 01:28:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c23I48GKWd6HmZM61Ysl2kMETrZgJ4JAN7VMRK1ri4TR%2FlSlpd6jfsBsdDsjGXeZ5Jt7iRbr4m%2BCom73XwGpvIdH9B7%2F2cJExQyrPzZVzzJQ8zI2rw9R9suPNLcvvJ5WQExstqYJT%2FItIm0cXpU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1819 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 01:28:44 GMT
pubmatic
s.seedtag.com/cs/cookiesync/ Frame BF15 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 05 Jan 2024 01:28:44 GMT
server
openresty
via
1.1 google
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 3247 		84 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:5800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
999f5ed0e1d4d5d78f5afc1301a38c0c5d8aaffb16f511a910bf13025beaff1e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
vDZ03Nh4PHNVrs8HyofZavC0FIVLpp1Y
content-encoding
br
via
1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 00:03:13 GMT
last-modified
Thu, 30 Nov 2023 21:16:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
age
5144
x-amz-server-side-encryption
AES256
etag
W/"ed389335ec0a417a07e8124e53be2300"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
KR3RSPGzemb9dM_eaysbuuTdMldvz83EKddV9mf4qf52ZCMwrPEPKQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 3247 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuDNNC1D1KiZ0QW2zbWD5zJiaxMTJzoUxySYN5S7BsrJP14SQrVx01i-6FMszH7Qho-PrblDy3vbYVxItz4cNLFKARMxzbDMnKkB1YeGPGnS18KqCU1JlIB-r56MDMFGK2rZJTseCnGetU0sma9rjeimQsrAGcFkhjfy2J3XO7FzwUwQEyTCNuuykwIuiHD7FOTUpuyzWS-X3Hl21Qw5XQjJH9F4sGNCi7CrRmoOCEezrq_9UF7IVjwz7Ia4o-ri6AZWueQ53urRG83zjFrY15Vt3PbIDB1ilUlSz0UVWjN1N3Po3_Cnh9ThXXRpLciP8t8fe-2Fuket02tYDZfQH60sTF3ZJITRHqYGUvn2Y7G3wDN8er__UvshCCsfZTV_o&sai=AMfl-YS6Vep3ubnz1RJ35XXkTXyBrJixb9jcXLKK6Nej7ce5lOPGk9EVGgVrgRRGpLK-ZSZoyzhLmrYykKJupbTBTie387rVRc1gNOI9QHMT5TmMCypQhiB-ZzPXSreXHHE&sig=Cg0ArKJSzCpG-XMvakpTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3247 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:28:44 GMT
7112679327604372142
tpc.googlesyndication.com/simgad/ Frame 3247 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7112679327604372142?
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
df20d6a696c00699cbf5d87094feb2b052ef949d3c1da0d261809e04b782394c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 02:46:03 GMT
date
Tue, 02 Jan 2024 02:46:03 GMT
x-content-type-options
nosniff
age
254561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69551
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 13:35:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
cms-2-rubicon.min.js
cti.w55c.net/ct/ Frame 7BAA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/cms-2-rubicon.min.js
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:f800:3:4706:a6c0:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c7987d2f26ca9bf8254df658877b74005f2e90d3f477eacc606e011341d8082
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
4wUy6FG8mI1tQq9b3POfj8uoA5V85xC6
content-encoding
gzip
via
1.1 03efa14de61e5d90be5300eba235f560.cloudfront.net (CloudFront)
date
Wed, 03 Jan 2024 22:09:31 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
98354
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
etag
W/"d7ff0f4ef590b94bd79fc9b61a13ef4e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-amz-cf-id
zF5Jk_PAkg6_w-mpxs9kzhDJpHe3gfvcBFU-oLMFcgIyq07DNRo7Cw==
user-sync
sync.adkernel.com/ Frame 4C91
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=L1gWZthZ
  • https://sync.adkernel.com/user-sync?dsp=86&t=image&uid=c73598e4-19af-4225-ad41-0db5af961cdf
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=86&t=image&uid=c73598e4-19af-4225-ad41-0db5af961cdf
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=176101&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.staradvertiser.com%7C%7BUID%7D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:44 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.adkernel.com/user-sync?dsp=86&t=image&uid=c73598e4-19af-4225-ad41-0db5af961cdf
date
Fri, 05 Jan 2024 01:28:44 GMT
content-length
0
bidswitch
sync-dmp.mobtrakk.com/match/ Frame 4C91
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=catapultx&user_id=A2580877537250048855
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=catapultx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=catapultx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=176101&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.staradvertiser.com%7C%7BUID%7D
Protocol
H2
Server
5.161.188.99 Ashburn, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.99.188.161.5.clients.your-server.de
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
43
content-type
image/gif

Redirect headers

Location
//sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=catapultx&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
user-sync
sync.adkernel.com/ Frame 4C91
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=1f5c0b51-7f88-40e2-9e81-903a3403a7ce
  • https://sync.adkernel.com/user-sync?dsp=79&t=image&uid=d32de12f-65c3-42c1-a39f-1a86978ca970
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=79&t=image&uid=d32de12f-65c3-42c1-a39f-1a86978ca970
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=176101&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.staradvertiser.com%7C%7BUID%7D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:44 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Fri, 05 Jan 2024 01:27:47 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://sync.adkernel.com/user-sync?dsp=79&t=image&uid=d32de12f-65c3-42c1-a39f-1a86978ca970
cache-control
private,no-cache
content-length
216
expires
-1
pixels
bcp.crwdcntrl.net/ Frame C315 		835 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C54%2C7%2C3&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
abecb263210036c0a1f703c5e83361e4d5e9c1b3f7b6311b9f79e04a575dcb26

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
835
content-type
text/html
date
Fri, 05 Jan 2024 01:28:44 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.5.56
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CBC5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
21609
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 19:28:35 GMT
expires
Fri, 03 Jan 2025 19:28:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9721 		829 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d5c34b347e0993a34b7cb0540222e6a9274a4d23696aaacaa9ce199d890410fc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DT2X-U3oK6P32_KLJC-LzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-DT2X-U3oK6P32_KLJC-LzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:44 GMT
expires
Fri, 05 Jan 2024 01:28:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.html
eus.rubiconproject.com/ Frame 3AE8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24138
  • https://eus.rubiconproject.com/usync.html?p=24138
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=24138
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=176101&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.staradvertiser.com%7C%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:44 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=24138
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 4654 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=79867bec466cc91
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=176101&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.staradvertiser.com%7C%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
SPug
simage4.pubmatic.com/AdServer/ Frame A54C 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157743&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
securepubads.g.doubleclick.net/pcs/ Frame 3247 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst53Ll7B97u8RI-3x1Ls8hgcudVsS8lyF7Q6cfe6JP5VdVri4BLg8vcAVi-yMSKS3s5HViargda4TkgVn-_-NjnBHEA0MLK4gl7dTGo5IeJJFZxdX8GgUFZnXYnK8i1LoYIpgpd2UrZCmXvYWmACmvCFjJKZx6CUa5mBzZmZ8iNuzJaUN3nd9ByVizdR4yaFFh-bARpFhrodi22XMuS-zI-A07P8tOacA0H_Hh6JvrYCMem710jchw1A8HANMRYA7Vsa3QIAE358EXIidiXNY7vLhtBDMlY6Mpl0rStfPuwTdaoq7mTCm_CHRxjO6YT__KFIMxgIq4PKqqhqtde9dw7JqfWEfKebLFbqFwH5wjs05toTsWtegpvzqAyJHOYV56RFg&sai=AMfl-YTnAnnjki7L-lh1hfOqB2YTCLiwUWCxCCSlfqiFqJqQYKFerGF6533-qQ7-q4DQkquTnVigp-5yEsSNE_Nxfr2h74ms_9aagVSqcaS4dhw_M_YYjoTTR7baO3ZCvd4&sig=Cg0ArKJSzGRTFjL9HVJOEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 05 Jan 2024 01:28:44 GMT
truncated
/ Frame 3247 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b953de94a25e639082857000970c29d7d628e8743c9f257debf84323924e83f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame C315 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YzdhZDY1Mjc4YTBjMTlhZWExMTcyM2I3MzY0ZDhhMjE&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C54%2C7%2C3&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C315
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-JbJh5b9E2py02Ma9dcmX4lgzhd2t__M0y.s-~A&gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-JbJh5b9E2py02Ma9dcmX4lgzhd2t__M0y.s-~A&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C54%2C7%2C3&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.48.27
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-JbJh5b9E2py02Ma9dcmX4lgzhd2t__M0y.s-~A&gdpr=0
date
Fri, 05 Jan 2024 01:28:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
5907
tags.bluekai.com/site/ Frame C315 		62 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=37ecc35ed83cd79d9377690dd9554d19
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C54%2C7%2C3&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.145.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-145-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 05 Jan 2024 01:28:44 GMT
content-length
62
content-type
image/gif
qmap
sync.crwdcntrl.net/ Frame C315
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&gdpr=0&gdpr_consent=
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C54%2C7%2C3&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.54.39
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&gdpr=0&gdpr_consent=
Date
Fri, 05 Jan 2024 01:28:44 GMT
Connection
keep-alive
Content-Length
167
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame C315 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=YzdhZDY1Mjc4YTBjMTlhZWExMTcyM2I3MzY0ZDhhMjE&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C54%2C7%2C3&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7898252983751812422/ Frame C315
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/c7ad65278a0c19aea11723b7364d8a21/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7898252983751812422/gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7898252983751812422/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C54%2C7%2C3&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.10.176
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7898252983751812422/gdpr=0
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
match-result
tags.w55c.net/ Frame 7BAA
Redirect Chain
  • https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d0VBR0tZbGUxUmx6MEo1&google_cm
  • https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEE2qxcdLZRh-zIaR9-SIwds&google_cver=1
42 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEE2qxcdLZRh-zIaR9-SIwds&google_cver=1
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
54.156.229.21 Ashburn, United States, ASN (),
Reverse DNS
ec2-54-156-229-21.compute-1.amazonaws.com
Software
Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-0d750058cf9bb9763@us-east-1b@dxedge-app-us-east-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-0d750058cf9bb9763@us-east-1b@dxedge-app-us-east-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEE2qxcdLZRh-zIaR9-SIwds&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
384
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2964
tags.bluekai.com/site/ Frame 7BAA 		62 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2964?id=wEAGKYle1Rlz0J5
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.145.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-145-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 05 Jan 2024 01:28:44 GMT
content-length
62
content-type
image/gif
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame C637 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
39147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:36:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame C637 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
39147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:36:17 GMT
l
www.google.com/ads/measurement/ Frame C637 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3UCUdBw6RgFXay2tiho20xFx9EORyIipimBR0p6mPPkndbwdi-r21lllP_iX6UmhwMr0i--ELOymK60xqZCE9y1LXWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C637 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:28:44 GMT
usync.js
eus.rubiconproject.com/ Frame 3AE8 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=24138
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=24138
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12339
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame A1B4 		120 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
a0e7bc47b2d6fca6cc50103877ff4d65ef76cdf8037c925be2ea2d33f2ede926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:44 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=2kihzg9UISSGukduTL4RIzL5w40dvN8Z_irf-uvMTFHWIXUShpIXzijc3nbU260lHTzxMjxgNQaj2B6_IHkv2w31thd4xmJXPYJ_4vuYR1yRbKpaoeGYPzXCltHJ9lfKQn_lMBLmmEv0-ILCMUOjg2zV99JMsJe4aH5VadyizSWGiJXAjtRAMF9FnPX-hD7OGac1MHF5f6DRfmcj3m3i1zAvVoXg79Y1kK-BgvsziIFCe9CbwCQn2zBbfw_qmm0-vVMR9w"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
33508146
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D2FE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
36105
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 15:27:00 GMT
etag
48472445140208031
expires
Fri, 05 Jan 2024 15:27:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 3247 		0
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=804666
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osnFfax4G8T5FcJ2LZudvT0dh9aoiXt10z%2BEM%2FawG0aS8vGlYD3Xf9exGdOVVK0yxBzJq%2BXdz%2Bvia%2Fu%2Fk3tpdshFLLLva%2FN%2FUPnGmijtWfzPmdmn0RYDVyzHxt%2FgTZckkbap%2F3zGTv8fFmuCedkI%2BjH8TA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
8407f2415a9525b8-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
F6dPQR1KKcOtcgQCDYKS
sodar
pagead2.googlesyndication.com/pagead/ Frame 9721 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240104&jk=510025747810085&rc=null
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 1819 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgRkqn5Hk41xOjJFk9-C6laEOYmQLDzx0-SpDOpCFddqoEcXso4QGwDydNd8bnF1B2D-8KKUhXtmcAovlH7VEBH6b7Vw5Wh2uNhPA3OScOb0kW6p74SyIv4cPO_4_brzhIpnxwyf1_pVEkyHpxf9WWIIMH&sig=Cg0ArKJSzMhSv2dNYDRxEAE&id=lidar2&mcvt=1177&p=274,436,364,1164&mtos=1177,1177,1177,1177,1177&tos=1177,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1564880186&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704418122124&rpt=1715&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7cfacef2-1c90-451c-ba1f-f8b58b07064e
https://www.staradvertiser.com/ Frame 3247 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/7cfacef2-1c90-451c-ba1f-f8b58b07064e
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
player-event
events.qortex.ai/api/v1/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sq6UMfb%2F5OsYMo3pLjPTflkvR%2BCsjt21%2F4Ohaz%2B1ezRWhu7aXC846Q5%2BQybUUqg6iCpoy06Q2DdcBPPPQDQVdvqBUchrE%2FosdPijznxNYqW1OEuX4KAnzDYhd5OSJAEo7GAfT9F%2FA6iUL%2FUgMgE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f2424c427449-MIA
content-length
0
resources
demand.qortex.ai/api/v1/monetize/ 		21 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f098994becd6270ce7bf67f6abc784ba16163757bddf5fe8b8bf548679c37ee1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cImRA22OXNnoPWTk61OI9BDHHUrock1xZ2Y0LGGGO%2BWKymzb5%2FnMqDAqQBU34NMrs0WztTzAm3%2BWDqDN2zX9eXj%2FpHGNaPJsUwx26BFsNa4ad2w%2FUHGnp7MeFN1RKRVH3HBBPRg8jnWVEZ3JBzI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
8407f2425c597449-MIA
content-length
21
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f241db957449-MIA
date
Fri, 05 Jan 2024 01:28:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjKxaesmSntLIilaXZDLtxNxBeNriSI7meTzAgR4CbkHDUkSWI5WJENkVZ5GH3L0E2TM7lfLxS%2Bz6lMVPPxnps0QpjBtSLLwT58CY1%2Fbo58O9mDFkAgqIcMmZ0PgmR6CdcMXkPmMZ5iUscAlDlM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
resources
demand.qortex.ai/api/v1/monetize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f241db977449-MIA
date
Fri, 05 Jan 2024 01:28:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f04qfblWl9eEUOOWDlmJ9E23%2FgTjWvaf6fJaIJn%2Bb5t%2BtKyXjWrbm3lhbATQBgcZ35TpflLw6JGrVF3C%2BXZtedM3VE7%2FpwLHa8Q2ERwhoznmM3h5GIVliS0ej0YF9a9vf6sxbBGANttQniGTSgU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
truncated
/ Frame C637 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ea9623103fc374a907e1e14edc7bff6acd097f9c0689b9200f12ddc9a9be130

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame CBC5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
16669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 20:50:56 GMT
khaos.json
token.rubiconproject.com/ Frame 3AE8 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
sync
demand.qortex.ai/ Frame 4C91 		706 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/sync?akuid=https://www.staradvertiser.com|A2580877537250048855
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=176101&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.staradvertiser.com%7C%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08fbe8bf0d9ddbc1875e4fc477fb18058930cc44211a18582cdd47d13d5d86f3

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8407f242b887b3d4-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KK8dt7MoNv65GwTUd1h0J9pmFZW7ZsW0r2yn7UtprD5ExkpKgVwv%2BGFathGL9Tr6UHJGeCebRYqULM%2FnvjEB%2B8hrW00zazbDQd9IzJQ%2B13WUWr2%2FFOngGtAZEEry1lmX6XCenOX3njmsjkoKy6E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
i.match
a.tribalfusion.com/ Frame D2FE 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESELzPb_22HChqPwUM2Y7KJ-s&google_cver=1&google_push=AXcoOmQ0VePOOZvJZPnhg695jiQvuS1R-CotZJXijafAgrspB7Qhuo41oM0nEzdVTRHyWZwgEboGPa-FyPl2TuvDFSBcZTEXXbS8xA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ0VePOOZvJZPnhg695jiQvuS1R-CotZJXijafAgrspB7Qhuo41oM0nEzdVTRHyWZwgEboGPa-FyPl2TuvDFSBcZTEXXbS8xA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:45 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8407f242b97b5f20-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D2FE
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJBL6Mm5l35V6yzYDheCjpk&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YWZjMWM5ZDctMDk1Mi00OGQyLTkzNDYtNDlkNjFjNWUxZTc3&google_gid=CAESEJBL6Mm5l35V6yzYDheCjpk&google_cver=1&google_push=AXcoOmSE...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YWZjMWM5ZDctMDk1Mi00OGQyLTkzNDYtNDlkNjFjNWUxZTc3&google_gid=CAESEJBL6Mm5l35V6yzYDheCjpk&google_cver=1&google_push=AXcoOmSEfaPNYaT_lkbTVjW0L52wibD5ik7ajZeuTnk5PlJxibJRNoBRZU888CB6F20_o7qB0D4iCGgO0aeKz2_MWhuqkf3cB4HH_A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YWZjMWM5ZDctMDk1Mi00OGQyLTkzNDYtNDlkNjFjNWUxZTc3&google_gid=CAESEJBL6Mm5l35V6yzYDheCjpk&google_cver=1&google_push=AXcoOmSEfaPNYaT_lkbTVjW0L52wibD5ik7ajZeuTnk5PlJxibJRNoBRZU888CB6F20_o7qB0D4iCGgO0aeKz2_MWhuqkf3cB4HH_A
date
Fri, 05 Jan 2024 01:28:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D2FE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECC_wCIIn-_-3YZLeMqTGF4&google_cver=1&google_push=AXcoOmTgC-CNbu7lOXNWsWVo2GghzbuQpJXyJPd1llTBcTmry7AMUAu1vkzadY7uWQNlZaTKlWRjdcOpazFlGL4DSEMvNkJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTgC-CNbu7lOXNWsWVo2GghzbuQpJXyJPd1llTBcTmry7AMUAu1vkzadY7uWQNlZaTKlWRjdcOpazFlGL4DSEMvNkJH-bfi&google_hm=eS1BN1FRNVk1RTJwRVBPYW...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTgC-CNbu7lOXNWsWVo2GghzbuQpJXyJPd1llTBcTmry7AMUAu1vkzadY7uWQNlZaTKlWRjdcOpazFlGL4DSEMvNkJH-bfi&google_hm=eS1BN1FRNVk1RTJwRVBPYWIuUE12aVZSemVXZWZVVFRkM35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTgC-CNbu7lOXNWsWVo2GghzbuQpJXyJPd1llTBcTmry7AMUAu1vkzadY7uWQNlZaTKlWRjdcOpazFlGL4DSEMvNkJH-bfi&google_hm=eS1BN1FRNVk1RTJwRVBPYWIuUE12aVZSemVXZWZVVFRkM35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame D2FE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT-OX...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-3e6YZ2erNoMaybDDx98yvvCxluws6vR5pClOqw&google_push=AXcoOmT-OXRr_3naXrif6eeLbJvOQBdACf1ntO-ZKQ1v9FHnLCc8GDT3wJ-K06_RMnOxeplRDPLwQKaplwfh...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-3e6YZ2erNoMaybDDx98yvvCxluws6vR5pClOqw&google_push=AXcoOmT-OXRr_3naXrif6eeLbJvOQBdACf1ntO-ZKQ1v9FHnLCc8GDT3wJ-K06_RMnOxeplRDPLwQKaplwfhtWfz2NlZD6vmFUzzWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-3e6YZ2erNoMaybDDx98yvvCxluws6vR5pClOqw&google_push=AXcoOmT-OXRr_3naXrif6eeLbJvOQBdACf1ntO-ZKQ1v9FHnLCc8GDT3wJ-K06_RMnOxeplRDPLwQKaplwfhtWfz2NlZD6vmFUzzWg
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1784185
content-length
0
expires
Fri, 05 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D2FE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGFDxITmVHlA3mpFcPEJl8o&google_cver=1&google_push=AXcoOmShD1wYa52J6wBLSL5bEQ_YOh2cOhYYVVPUJXhgUhXF5zH8wRY0PXaStBgAvOzd2kXYz9Vuoxw0AbR65...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmShD1wYa52J6wBLSL5bEQ_YOh2cOhYYVVPUJXhgUhXF5zH8wRY0PXaStBgAvOzd2kXYz9Vuoxw0AbR65pjMGzQmNQLsogVLHw&google_hm=QlVlOHQ4QUdLQ2xCRl...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmShD1wYa52J6wBLSL5bEQ_YOh2cOhYYVVPUJXhgUhXF5zH8wRY0PXaStBgAvOzd2kXYz9Vuoxw0AbR65pjMGzQmNQLsogVLHw&google_hm=QlVlOHQ4QUdLQ2xCRlU5ZzVHeFE=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:45 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmShD1wYa52J6wBLSL5bEQ_YOh2cOhYYVVPUJXhgUhXF5zH8wRY0PXaStBgAvOzd2kXYz9Vuoxw0AbR65pjMGzQmNQLsogVLHw&google_hm=QlVlOHQ4QUdLQ2xCRlU5ZzVHeFE=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D2FE
Redirect Chain
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEAGgGkNBWe5Im6b0jgHyFUs&google_cver=1&google_push=AXcoOmReO_54jgLKwwFvkvYv8KiQud44f1yEQosKaFmieOTqhs57EGnyl-jnOT9AIo0IlvOyWZ95O_JMKioG46mPz...
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MzZmOWY1Zjc1OTA1ZTA4&google_push=AXcoOmReO_54jgLKwwFvkvYv8KiQud44f1yEQosKaFmieOTqhs57EGnyl-jnOT9AIo0IlvOyWZ95O_JMKioG46mPzTJ6Eag08P...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MzZmOWY1Zjc1OTA1ZTA4&google_push=AXcoOmReO_54jgLKwwFvkvYv8KiQud44f1yEQosKaFmieOTqhs57EGnyl-jnOT9AIo0IlvOyWZ95O_JMKioG46mPzTJ6Eag08PaAetQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MzZmOWY1Zjc1OTA1ZTA4&google_push=AXcoOmReO_54jgLKwwFvkvYv8KiQud44f1yEQosKaFmieOTqhs57EGnyl-jnOT9AIo0IlvOyWZ95O_JMKioG46mPzTJ6Eag08PaAetQ
date
Fri, 05 Jan 2024 01:28:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
0
pixel
cm.g.doubleclick.net/ Frame D2FE
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEF6X5kj7sES0pqBY6XtIoW0&google_cver=1&google_push=AXcoOmTj9rDjrbpAJtq3rNTKo_R0_SQJrWf5YhnxYjKG_DVoYEpX7q-fw088MUGyTv2HN0r6x-G9vUBk39gUW_d7EoFEy...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTj9rDjrbpAJtq3rNTKo_R0_SQJrWf5YhnxYjKG_DVoYEpX7q-fw088MUGyTv2HN0r6x-G9vUBk39gUW_d7EoFEyHjNNZJ-pMI&google_hm=746ded2276f...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTj9rDjrbpAJtq3rNTKo_R0_SQJrWf5YhnxYjKG_DVoYEpX7q-fw088MUGyTv2HN0r6x-G9vUBk39gUW_d7EoFEyHjNNZJ-pMI&google_hm=746ded2276f7b82e2lucx800lqzyji0f
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:45 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTj9rDjrbpAJtq3rNTKo_R0_SQJrWf5YhnxYjKG_DVoYEpX7q-fw088MUGyTv2HN0r6x-G9vUBk39gUW_d7EoFEyHjNNZJ-pMI&google_hm=746ded2276f7b82e2lucx800lqzyji0f
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
attr
cm.g.doubleclick.net/pixel/ Frame D2FE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXhWIyaXQ1EK7z6UseeMT_mkA0w6m36jdsdv6fKrK7vPIYepu3fhM46YtFeQg7xZjNN53eoOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame C637 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C33zYTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE9gFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUeGqvUbpkrS3mgV3zoMmsaPCSrvMVlUnMLxCjY-2yyXAE613nxiABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzk1ODYzNTgzNTM4MDE1MBgA&sigh=L1q4x0ru2sU&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_DhvD33yXk6qIwoOf91MRDO5DWiFswkYDgO6RsbULQMcS6RUOOasubOT2IoCBddBj4-Ude5xUGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 05 Jan 2024 01:28:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame C637 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k5CbGdeCMNgFWuIinRcCAAAAgQfyWlby0m_yC7nPPUtHhhBLW5dlLZ01JFZbxY_NNwAAEgAACgpBUVVEQ2dFQkNn&wp=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3958635835380150&output=html&h=90&slotname=2236707769&adk=3038292959&adf=4198762026&pi=t.ma~as.2236707769&w=728&fwrn=4&fwrnh=100&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704418123241&bpp=4&bdt=667&idt=474&shv=r20240104&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4073493798650&frm=8&ife=1&pv=2&ga_vid=2101351473.1704418124&ga_sid=1704418124&ga_hid=2091654250&ga_fc=0&nhd=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2162050837&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C42531644&oid=2&pvsid=510025747810085&tmod=347050201&uas=0&nvt=1&etu=AA-V4qPa8lkU2Wf8WCBMMiTk9-yswTeTMSTo9oPdFa0ojoZl2fWeF2GyIGWzDdMAQ4WnWmnAWapoZzay7iZuINTwn3F2dkLfQvDSTyAlTUSaPCFxlHIt-K8wdbVECfdBcIF8_7lmHVVJnHZPr_EoOYMq2KQtBa0GiIRvcdBfIsPbxHqau9D4K8OTdDGrGyahGDOdEYlQuOrviK8&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d2zwz8t2fh&fsb=1&dtd=676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
220223
server
Kestrel
content-length
0
collect
v.clarity.ms/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 05 Jan 2024 01:28:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
privacy_small.svg
static.criteo.net/flash/icon/ Frame A1B4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Dec 2024 01:28:45 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame A1B4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Dec 2024 01:28:45 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A1B4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 30 Dec 2024 01:28:45 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A1B4 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 30 Dec 2024 01:28:45 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame A1B4 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=NroRMB3__aMigEv_tTfJUBlzYuZ4nmEqIb3yBMs4F4I4cbml6FKczGdoNq_HvHRGXR_P0eT2FtA-7Cn2MuGltLMIyO0SZ3Uc2_5OPc7aypn17UJcPQaQ3U677iUYInA0D4hEDU4zsnih1IKAUiolAzE6lDXTULNV1II9XlQLxdsjJNFHO3yWY-YlWeuQ2VeBPCEhfQgILr_YfWgQRgvYCT9QVhDNj8_3SFknqo75PC9EACy6fAwNkYVcvgK7ry_Jl7UCAHYzyB7tDwLgTcWKERFbV_c9Ia1fcvUgU7NNFmVVD_KsWf_ducqTijQARqZG9MY40_7sJQ1KAZutLg6B-zHjecwloUDNRrFbR9UatBiYgScgeRYewxuzAUNj0rLomreYa0CjXxZ8rglnK5-ExK3vRf0N7DmZtjtn83gg9Oe-srBK
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2627839
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A1B4 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
566892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAcJspCag%2BS9%2FsDjfQ2O96TqiP1OT15zNWWE8SPDQycCwaxMkrm1cLGryz6ARsK%2BgnmG0AMFLzuVj140Sr2Kse4fS93wjjgEBvy61IAQPLgmdbDg3z6KWx9DsztGGQHrZLJ1CglGSlSETrN6gHvt2uln"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8407f242ffe49ae5-MIA
expires
Wed, 25 Dec 2024 01:28:45 GMT
user-sync
sync.adkernel.com/ Frame 3AE8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24138&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
  • https://sync.adkernel.com/user-sync?dsp=84&t=image&uid=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined&us_privacy=1---
0
0
animejs.js
static.criteo.net/animejs/ Frame A1B4 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Dec 2024 01:28:45 GMT
img
imageproxy.us.criteo.net/img/ Frame A1B4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?cq=256&h=800&m=0&partner=108897&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fimages%2Fbehindthemarkets%2Fshutterstock_wg12.jpg&v=3&w=800&rid=4&s=5rwtFBv4eHbWcqsWliUrFAcb&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
c383092a7c9719626ffb9418e1a5845742cac61cc6cf54636c741c456c83b26a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
8944
expires
Wed, 25 Dec 2024 00:42:13 GMT
all
csm.us.criteo.net/ Frame A1B4 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=2kihzg9UISSGukduTL4RIzL5w40dvN8Z_irf-uvMTFHWIXUShpIXzijc3nbU260lHTzxMjxgNQaj2B6_IHkv2w31thd4xmJXPYJ_4vuYR1yRbKpaoeGYPzXCltHJ9lfKQn_lMBLmmEv0-ILCMUOjg2zV99JMsJe4aH5VadyizSWGiJXAjtRAMF9FnPX-hD7OGac1MHF5f6DRfmcj3m3i1zAvVoXg79Y1kK-BgvsziIFCe9CbwCQn2zBbfw_qmm0-vVMR9w&sds=2&rev=90025&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 05 Jan 2024 01:28:45 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A1B4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Dec 2024 01:28:45 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A1B4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Dec 2024 01:28:45 GMT
player-event
events.qortex.ai/api/v1/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdxSkViavz2OEtaXZFOjE71bwcKLHEgPfJXBuCOvoSRMgrNm861LNR5Rfo128JLOiKsKr8sDPYH039FcHEZxIwwoxgb%2BAtWLUOeCeNiQLmOX4ahzOI2TXG34TO7LCVSpE6Evw2z2IsmuNbqYlRI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f24448b17449-MIA
content-length
0
generate_204
tpc.googlesyndication.com/ Frame CBC5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OS3T2A
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f243effc7449-MIA
date
Fri, 05 Jan 2024 01:28:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbMDYOZNKI%2BpswD3viYbfP0Zr%2B0CWUSNmWv3l94IxRSkeLPgMtJmApLEALlyAI7K1mxNusdFxidqcuQws8PT4lfxeG15OX6UNCf6pPXVRLbRLa4HMwYzsEFEPcvFqz4qXUC6TULA%2F6sLo6ZfX50%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
robotocondensed-400.css
static.criteo.net/design/googlefont/robotocondensed/ Frame A1B4 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66d5e835f06be29e8b5112ee84def9f11eeef96f164d624ca3ba8bd8d3e2cefe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:23 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13f-8cb"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Dec 2024 01:28:45 GMT
robotocondensed-700.css
static.criteo.net/design/googlefont/robotocondensed/ Frame A1B4 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a89436744ba49b4862462535669d5c092b795b37d9b87b3be0e6cf19c0a3765c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:26 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f142-8cb"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Dec 2024 01:28:45 GMT
robotocondensed-400-latin.woff2
static.criteo.net/design/googlefont/robotocondensed/ Frame A1B4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
d0b9c05ce31708c1061e034b60c217a0d35afd201434c06d03ba5b20a19cee4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-400.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:23 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13f-3d54"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Dec 2024 01:28:45 GMT
robotocondensed-700-latin.woff2
static.criteo.net/design/googlefont/robotocondensed/ Frame A1B4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
edca2a1c73b32af9fa0bcd22f2863b727ae81863885e83b8486b74612faa9deb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-700.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:26 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f142-3d2c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Dec 2024 01:28:45 GMT
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-load-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.119.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Fri, 05 Jan 2024 01:28:46 GMT
vary
Origin
event
event.instiengage.com/v1/ Frame 0927 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-load-v2
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.119.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:46 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
sodar
pagead2.googlesyndication.com/pagead/ Frame 1819 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240104&jk=510025747810085&bg=!iIuli8TNAAaumcC-jpk7ADQBe5WfOEQldd_t0kYECZ9y1CkVEBu3T6Q-10GhTs4bw_pGNTexF3UJbh_i5YP1U6CTgTGvAgAAAP5SAAAACWgBB5kDJJoOM8fXK0g99yOcquaUQsbz7frdUnrdaycuGKgxRKzOtzwH-flHlQM16GwtHE5aZZMH7fdvwK7VYw71hDe5Rve8yDFEABRLhD8M0FekhRvlvUCuMbcoe1ADrWzLCTK6Mal0XjPw7dghEQSfyurab68ASKlCZeUW_L5xRoCYK72QfqRCxr1shfn4JqsL82LqF1kJ29me21AGFpEP1fGzqwfeZkbWNkDG_xv-UQbIL9TZwGeKPApZTsE3gbiPmb2o432EkO3V-wcs5g4B3JKOUQVvGPjFrVEKE_U-X_t2JW-v9zOxGpwVWeL7OLXDXUDxbU-WoSN1TN5WC0ewkSevORSTY-0lpmBY3QNWYoJJlivEth4K8OhtgK3LiSxvE0F3qdbvzNHFggHCEueXgXNaIQNL79x6RrQrejjYZzYedDkUL8aqRhrMJydaWnkH6UeFNl5N7UaAajPQxNcoXJ2Nb0KnuJ8Xtzzt_SKMGSUkgpjiBBzVENig_21voVGK7mf1Ghld_P75zGjbFQBruKdkGcGTJ1Btu7NrZrkAp8X2Y6e7ZdYsd0ge8-o6ky2JZqZNUEvFbibdcI09hUHL_0ksjRfcBuUHcpfbgp6zRcELG9-l4Te26_-3sCraCBmPVBkKC6mNHVgwm-gPU7rfzaDIISbfpw7T1Q8ADTP3JsjbqbKstsyjJePAYb75jrSUx7J2nWReHyIRmeQdbfTxVqld6G4Th5FyeilfGQnxRHFDAOqUHHo77JnE1KKW-f6DxUYbAkbW_jY2oJv3BPZvaKI8MGrxLk-KMkzGXOWKca0Cj0sqDYIea-_a4hoHb8qlmZQoHRqqZ5ifm5wfnpPFq9KB-DSha8qWKSEipkvri2h-BC_fAUH_dmJm0jU_cD95hIkPBAtvUoo2UgzJ0mA1UhEbCiqhlmHMOlxuZG4mPPvLoCJKrcnjQZtFGzV_TVL07Pm0vWwTI0ey5iLVmTZvYe2hBerkOlIJgq4dQvmvgUa309KSyfkQcOfspPCrREeuQT0SbkGNhZ8whDdtAIndPFdnxV0d3qqyQbXX6trrKNaRuqmbKjK4vA
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame C637 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstk-uEf1ts70ru8s4s0YsVwhHMIDcNJEsCxuBjT2X-ymVZIReDYpRCvvEuRedTxshyqt7dm8XBFgiBNmVkEgBOKOZPtK9iIWu_nLRQa7TyMzpePVYHRm2E&sig=Cg0ArKJSzI5NQkzuYLYPEAE&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3038292959&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704418123928&rpt=1212&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f24a4c7f7449-MIA
date
Fri, 05 Jan 2024 01:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQCCS4S%2FvJhzhfXNUMBTK6tR98nZgwoCidqpsEDmT7MT43McvwfsXFkU3IiROqZqJJyDO2gELncAAiAnddyWtA8Ll2ZnNKOoyZiNyL4dna8yeVTxz%2B%2FtYV7G5kOT4e3LwBMXv0Sf30pclF1YG%2FA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mH11TfncXEQuQ4Oh%2B%2BwujAkxwNFq8LFbw0LES1NJN4QBaj%2B9gIsscaxdBdBkVeKICCaIcdb0nS2jiFcB76pLdj62I6UdyGPdF05nQmhCc7UKcr%2FCW3%2FC9Bl5e9yUG89chpAnt0hD%2FKsQQNz5MVg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f24aad4f7449-MIA
content-length
0
resources
demand.qortex.ai/api/v1/monetize/ 		21 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f098994becd6270ce7bf67f6abc784ba16163757bddf5fe8b8bf548679c37ee1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ip9Z7O6WSFammaRxgPIFMR%2FNRrjqZuhAFE4ciqO45qMzm28tnBzPsOVYit89JW5TP%2Ft41m0Ybrs4iSx9idtTOiQhlsBKIsPo8A5l%2F%2BtSGMMsB0xUSQSgiSuth%2B06cYvcT%2FVyHAjg151XhYBo%2BY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
8407f24abd577449-MIA
content-length
21
resources
demand.qortex.ai/api/v1/monetize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f24a5c817449-MIA
date
Fri, 05 Jan 2024 01:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHwHVmbIIZOG8XvTLLuUQi2MjipqH%2FMfQ3qKcfazFWYQ7nbCXn8Ht4ZJGQdhJNFyxuIO26m%2BjoIFQGuww35T4brcC5C7rVkoZkYunfDpGKyrhOpOJ0f48rKLEqPQCwGXKcar6S0U5DWdoIMqojU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
collect
v.clarity.ms/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 05 Jan 2024 01:28:46 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
all
csm.us.criteo.net/ Frame A1B4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=2kihzg9UISSGukduTL4RIzL5w40dvN8Z_irf-uvMTFHWIXUShpIXzijc3nbU260lHTzxMjxgNQaj2B6_IHkv2w31thd4xmJXPYJ_4vuYR1yRbKpaoeGYPzXCltHJ9lfKQn_lMBLmmEv0-ILCMUOjg2zV99JMsJe4aH5VadyizSWGiJXAjtRAMF9FnPX-hD7OGac1MHF5f6DRfmcj3m3i1zAvVoXg79Y1kK-BgvsziIFCe9CbwCQn2zBbfw_qmm0-vVMR9w&sds=2&rev=90025&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 05 Jan 2024 01:28:45 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
player-event
events.qortex.ai/api/v1/ 		0
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49%2FizU%2BkJCzCVc4TGbM43rSmYtEA%2BusZaRk5xn2Fbh3QX0JZV0pKScZZuY25ZDtgMn0UTeRthil%2BcPjRU3EOQhIuwQQO4XjYnmbgWv2c45kZGbnXAv5ee4ekV%2FQVZiLI74gHjaWnTcbLPpPphKo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f24ca9827449-MIA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f24c48aa7449-MIA
date
Fri, 05 Jan 2024 01:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCpXI9HHUI3sJhMHqd%2FWSiJXNQ0FQKBub240qrKcnlYxXpAAZOxcraWJIQ%2FjIz6dbReTTYCt%2BaX6LgeFw2D%2FOOp5Q8zuTfLq0P9qjoh813GWuh2E7wfo4uUDddH3jZ6rpllSQt6H0M%2Bks4Yj5d8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=214055123&version=7.29.3-U&age=240105&ldt=QUARTILE&key=y3roexcY&seq=1&order=9&vIndex=0&absoluteTime=23644.8&relativeTime=19287.7&sm_id=3287948&visiblestatecd=I&soundcd=OFF&quartile=1&pposition=home
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:47 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-content-load-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.119.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Fri, 05 Jan 2024 01:28:47 GMT
vary
Origin
event
event.instiengage.com/v1/ Frame 0927 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-content-load-v2
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.119.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:47 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2529d807449-MIA
date
Fri, 05 Jan 2024 01:28:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lK%2BhGMrosc2zJdXqwKkCaROmmuev2ksYHPmuyX293e4tQkpnbhxygjDDxkL1n6wmRZhdV0xhNTe8I3tk3N595DtFojYUS%2Fwdj0S6kjiGPhGOr2jxkayiYuqSkYFeJFxsJDZBt0qkE8JoV8524o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
resources
demand.qortex.ai/api/v1/monetize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2529d827449-MIA
date
Fri, 05 Jan 2024 01:28:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hw4NmPkmdy0GcVjXZw1WfPWeJsuApWL1PaJzQGHWL02Vz31RXzg0448GR9xXvoBLM1U6mE2xQ7jvzbgeyR84uftgUNCYyoDoElFKbYRnXWxveZPRE6IF4l4%2BoChXmuhBC4uGG4UB2R2oDdvZUcw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsYw9DcRHpp9kWSwdU6vbwnnWeVGaKILE5RoMpsrcw7lqvoy8lIN5AM6BfsLj2eejgyNpFEV%2BNx6ItOSoQJ7wLTPfGBmw6JDuWz78ABNHiRVtnQyIh0o5Z2BivCz3Yi%2B9oxIO2Xo3W5ZzWwzJ9c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f252fe307449-MIA
content-length
0
resources
demand.qortex.ai/api/v1/monetize/ 		21 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f098994becd6270ce7bf67f6abc784ba16163757bddf5fe8b8bf548679c37ee1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeJlDiaRDxWZNnUdKQE785FMGRlocLBaZyD6azlzZqUmMIiCAkiKzQQraBzGGJCzir%2FDxawNw242nr8ou5viEfxqMlzv5WxuP3h%2BCLsM0Sh3SjbTmuoRtRw9854f4DePfmL12vtZVP%2FYazxr4NM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
8407f252fe417449-MIA
content-length
21
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f254898a7449-MIA
date
Fri, 05 Jan 2024 01:28:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZAywLDhxaZygPi4DYNNk8GG81B3zs3xAg61w4ZSxQNhYjd9ezumen%2FuC32y25drqYBSx6o4L0dgG%2BMQYqFr3ckRcCANWR66B%2FybyOtbj7jkJojVr0OqPixCiLMZNEQdZT92MYpR6pFSqwPA1Nk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rI5KHEDXOv%2Bi9%2BLP3v4e9JQdsMfopM1E6IPFnoP7Dr4qN2Ylmpv5zkdD0j%2BapXp%2FRJ3LmhOfz0q4wjaXRDz8IYM0VktXlgm%2BesIqNEPrtDnbSiCblbfcIwwife038a0ZCaMGikHRPvPf8ztqP4w%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f254fa767449-MIA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f25808477449-MIA
date
Fri, 05 Jan 2024 01:28:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7o1C4upsBYNaCyVqMmtgMyuoxGSYAH1fu1wyf4Hx60EjMIc7qc1iybnkIiR9jC8FDjXJdRppgOLiTZhqAuuUTRO%2FDDXhzUL%2F7IgIL%2BiFxVTwOFh%2FjXulcROrovqGpSJUtAhJ4yZiK5LUJAwjUQQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wttKKDkTPYhNV9gmUWBqfbBeh6tpbrrN1c83TJlpUY0i%2BMdO8KCMkXRXnUq6VBhmhaRFUESFyLdpzLdxPl10PoOwTrOHTOhepTDgal0k%2BMtzZ2Dk9Nz1jD4mdTwmeRI829%2B9c4XqZEr5axgDE68%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f258896d7449-MIA
content-length
0
p
sb.scorecardresearch.com/ Frame 2894 		43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1704418111065&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10009&ns_st_cl=34073&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3287948&ns_st_pt=10009&ns_st_dpt=10009&ns_st_ipt=10009&ns_st_ap=10009&ns_st_dap=10009&ns_st_et=10009&ns_st_det=10009&ns_st_upc=10009&ns_st_dupc=10009&ns_st_iupc=10009&ns_st_upa=10009&ns_st_dupa=10009&ns_st_iupa=10009&ns_st_lpc=10009&ns_st_dlpc=10009&ns_st_lpa=10009&ns_st_dlpa=10009&ns_st_pa=10009&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1704418128640&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Oahu%20Publications%20Recirc&c3=sendtonews&c4=News&c6=*null&c7=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&c8=&c9=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-29.iad12.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:48 GMT
via
1.1 6400936fc4525d1c60e3e8fee9d4806e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
HAi9K2Rlp_BZaqAbS1laa4sKr-A4vZl7JpBXuX1wudfNeUCeNNav_A==
player-event
events.qortex.ai/api/v1/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQFOdmSVi%2BqouBOItfSoZ%2BOfprduIIIWxX3TQT%2BAx2uBNWPT2aVuEq04c7btk2NUpp3vr4ChKPfoB54eE%2F6HLUPxfBVSlkiYYULVi6ui0Cnb3anaG9P7QkuXadf57aVQ4vgLTcdHl66YJBPua10%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f25fe8a07449-MIA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2593b087449-MIA
date
Fri, 05 Jan 2024 01:28:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxHsSrd0X4UTUIc0Vc16XjBE6qyAjqCu8%2FW4jBcghXSIvZyzt3yBCbhMqxdZx2v3C5EChRdbt6%2F8EhZ4Pp1sfGhzYpAkM%2B0Y8xZtoORg93Q%2BD4bCvQzvvwiEyj1LCfUC3o66sIpPR07KT2Ak55E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iqdun063Ta5abg32t049ZN1TKGgnFeTKod1dnUHc3UFNHrjStjKYgRxbM%2Bt6AdurD2lbbXAILZX5kHkn4Tb6MjXwVdlrMqazaMZjYgrJxSvt20XLofhgiooW8OlH5Ru7D25QIcU85WuY%2F%2Bo0%2B8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f25b3f687449-MIA
content-length
0
resources
demand.qortex.ai/api/v1/monetize/ 		21 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f098994becd6270ce7bf67f6abc784ba16163757bddf5fe8b8bf548679c37ee1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPNAsWyxWfIMGyEBNgSc%2FcNVDT1FumIXmHvoxLo7ducJm68nPAH%2FkbBe3uuW9Jk9dycWvviDokw7I3NUX8nrxaErV9nHKhG%2F44XwueNPsBMEBDMvFEE3DrV9eOg5GsPlbzVPpmOm0nGSF2nJBVA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
8407f25b4f737449-MIA
content-length
21
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f25adeb47449-MIA
date
Fri, 05 Jan 2024 01:28:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2Bddg%2BsiDjgWPgLMpiMVt28%2FdeMt22CAuy06Hwwx8sctu45DFEKWb2j%2Fz0Hdn6SXFRGRT0N4A7e6xKPUe76eue1RlAJ5jojvh4yFPxcpGOlWIDD5pHIDBkbPWvzuI0zFm6887%2F3wFTZSza%2FJWQo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
resources
demand.qortex.ai/api/v1/monetize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f25adeb67449-MIA
date
Fri, 05 Jan 2024 01:28:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bz8gEajAaTsgzWs%2Fx68ITQ%2B9SUsgRnu4d1ZzpMLmiktJmNz8nRwB9E%2BgiXO01zrvQnJQD2sRi3If4VF0u%2BJKUDHI7u54XofseVuznlyFODt295sRd4Bg%2B%2BgNMIfOlO8DSw4B1ZHtCSSofFfOu24%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjaI5y9Po%2BOZAaZ4ZdlEXQktKo8fV%2F724%2BzQs9yotFFcsF3wHgthxWkgYj5dyX87nXBDmJHW3j5IXVLyRIpwBuk4i9ctvCQl3CTnE4DskQ%2B4ylaiOM9QcP96qXs3Y86lzDkLmKG4T9Y8tHi%2B0m4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f25d4bc17449-MIA
content-length
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-39CWM68PTE&gtm=45je4130v9122458175&_p=1704418107434&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=495654607.1704418108&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=3&sid=1704418110&sct=1&seg=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&dt=More%20than%2020%20injured%20after%20New%20York%20City%20subway%20train%20derails%20%7C%20Honolulu%20Star-Advertiser&en=ad_impression&ep.query_id=CNeY2KaMxYMDFWWK0QQd81ACWw&_et=13642&tfd=25915
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f25cdade7449-MIA
date
Fri, 05 Jan 2024 01:28:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOmwcKOdqoHym3iZUmGGVRSd%2FhuYfSA5wwJhHlq1VsOGDXW43hx02U9KQQXIstYbUxQmJXxTSxSZ%2BlWWmjlN6c06f%2B0ZSHKH6JFqg1nl7TxJnOSxq8ikVvUV%2BwpZd9P0ZwlxbskR%2F2D%2FomKq4yU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hijvd7apzju1DhMK%2FP7b4nd8cXFvmqE0GJuJq6T%2Bl6MZ4G%2BC5hvfFehAkThnEYeHQVCfHZahCrA7yGzwKCiE6Cn%2FmaMPMXwjfvMm05a60B7mleaqRpIuRIWZniDKlonVMXjGtRiMcZ2xuAflDbs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f263880a7449-MIA
content-length
0
resources
demand.qortex.ai/api/v1/monetize/ 		21 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f098994becd6270ce7bf67f6abc784ba16163757bddf5fe8b8bf548679c37ee1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RWFuF%2Bxj0Ahl8j2C8Dvgps5Q6JiPrwXFlnpLaXzynsnxTxAD7%2FIYHG6VAjChvRZkXiGpxVH0FNP7HF%2Fa4Zd6GN2os14%2FwrlW3DXY4cI1JQY9qoLW9LtAd5SLKXWF9cSVspYIpuQ73YmnduOPMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
8407f263980e7449-MIA
content-length
21
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2632f1b7449-MIA
date
Fri, 05 Jan 2024 01:28:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BTrhZRwG%2BxhW%2FDwPtrPAv%2FXq1S6WKobNKfBvaWsH7LKbOGZVi0l20K2tlV6f2jcpkbtVisAukCrjnF7GgwPlBMBrEhmQf%2FCTs5Of9Ynuhe%2Fu4RrKtq8lgcaEz0uudSfSCgeK9LI1081Rtf6rjs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
resources
demand.qortex.ai/api/v1/monetize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2632f207449-MIA
date
Fri, 05 Jan 2024 01:28:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FLXYjQyupJa3%2BKtdi34OLTRX4H5ACGcKeOVmE9b4P5%2BNa68sz0CD1iE8AZr5ZmOyt9SpXVoymgREp9VAJZgJiUYTOxRhoE4AHzvmOOp%2B%2BeWFPg510IBL8UOTWFK8O4r7D2VEfyjGoPSDxLhiFk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f264db257449-MIA
date
Fri, 05 Jan 2024 01:28:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kctzgFQgpCZTbKYhgeOIfl8R5FsQscAijAxlomxnRkH%2FdNJHnq2NnlkojKrpAV1oPRiYD1BoQHg55%2BCI8y6z%2Bf0JKGsPPy%2FJ0sNLM6v6IxlVCiFRdE7Fd22B1HkRhVPRA866PkkPbx7QYHSnVHE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD%2BJgfdDKbKcJRgkqaBEgNTYPmu0Oa2JAGx4ksD3X08GN84gCrb0Q%2BNSNA9cE%2FAiQOM1nqWujO7Viw9l2BEkXnlFltwuOhvkY%2B1RYcPZ6ginnPaeClfisE7ddlHNcL8qN347rscmzigbeO2T2x4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f2654bc97449-MIA
content-length
0
cookie_sync
prebid.adnxs.com/pbs/v1/ Frame F936 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
e438e5c73cd690022c1729ce8beec8bfeb691d901b13159ace72f50eea75168f

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:51 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f26b284b7449-MIA
date
Fri, 05 Jan 2024 01:28:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nM2nIo6sJFCmLmC%2FL0a7CDzr4l75wXt7kLLHisQDcHpsrZL6SQzKgWg%2F%2FinDYYHDBUN32GmfQCO3DOtKO5RdUO3po8Z85ag80oRJiah3w0UqWngwFZ%2FD8x4huJ7nwylAYnaHWlu7wtvCdwuz6g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
resources
demand.qortex.ai/api/v1/monetize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f26b28527449-MIA
date
Fri, 05 Jan 2024 01:28:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBZV%2FPis0nQUFYxaDb6rq9oQ2Sttbvez4ZnPwntRWV27pB4iw9WSb7g0WSYaFgLm2vLmjmoF8AxIBqUpq3u2n42xzipZCp1zo%2FtF0jqAu2XVkIbHx8WqJBVHk%2BEJLvzRIvrRhzQcJN3FhFw1nJE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWfi6P9dltaPC5Pat044S17b1tX9DAVsorSkTaov%2BFkUz74wBWQBeDeLz3C90siMCP1R8xOOUIxXQ0fyPyFNWVmXWl9i3Jj%2BVDCJhjdfAmm%2FzZC13TU46LOPNJkAA0OMZcoi0e7Tmo8%2BIC47afk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f26b88f17449-MIA
content-length
0
resources
demand.qortex.ai/api/v1/monetize/ 		21 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f098994becd6270ce7bf67f6abc784ba16163757bddf5fe8b8bf548679c37ee1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksLlDwBGr2vHpoDkwMEbVw2eJnfXR%2B1DC7dV5YoCEbX0rH377LKOHpXJl%2FcjUa%2BtNHJLH3sfIEP76d4EwDtEqArQ%2BjVfdaRLI%2Fqv%2Bsf0um3lQYqxsOalOWGoCkHFoZtbi%2B4m1EnTpRaHuNyZSPc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
8407f26b890a7449-MIA
content-length
21
cm
u.openx.net/w/1.0/ Frame F3E8 		724 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3cadbae170d390eb07482f947b805544aaf7a6f7f603815d9da4f7648d6945ae

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
434
content-type
text/html
date
Fri, 05 Jan 2024 01:28:51 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
setuid
ib.adnxs.com/prebid/ Frame F3E8 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=openx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:51 GMT
an-x-request-uuid
405ca503-7e2e-4c33-a072-5e697f325a3c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F3E8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5394353749448417114
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5394353749448417114
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5394353749448417114
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame F3E8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ia1CK4r6TyqSrEslj69Wf939TnqSqBp_3anUfAhW
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ia1CK4r6TyqSrEslj69Wf939TnqSqBp_3anUfAhW
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ia1CK4r6TyqSrEslj69Wf939TnqSqBp_3anUfAhW
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F3E8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=0e9edc1031de420496b7be83175ae78d&ssp=openx&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&consent=&gdpr_pd=&expires=7
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 05 Jan 2024 01:28:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame F3E8
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1813050728247349171
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1813050728247349171
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1813050728247349171
Date
Fri, 05 Jan 2024 01:28:51 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame F3E8
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=A0A7D3915CF44960ACE5E888F4B75986
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=A0A7D3915CF44960ACE5E888F4B75986
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=A0A7D3915CF44960ACE5E888F4B75986
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 04 Jan 2024 01:28:51 GMT
ibs:dpid=127444&dpuuid=0e521442-191b-476e-bd4b-7f1dc324ebc5
dpm.demdex.net/ Frame F3E8
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=46cba690-7b63-4335-ac8e-07afa7abd811
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=0e521442-191b-476e-bd4b-7f1dc324ebc5&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=0e521442-191b-476e-bd4b-7f1dc324ebc5
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=0e521442-191b-476e-bd4b-7f1dc324ebc5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
54.172.142.205 Ashburn, United States, ASN (),
Reverse DNS
ec2-54-172-142-205.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0cb211d63.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
/+K8KZ5ySv0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=0e521442-191b-476e-bd4b-7f1dc324ebc5
Date
Fri, 05 Jan 2024 01:28:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
player-event
events.qortex.ai/api/v1/ 		0
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kywk3U3kCAu%2BlsLp7nBt6a32TSNOrKLYRsnspygBUQlpn4iPHgyOCZZ135kEZRvNqU4maTVjlNxFhZ7O6m6E8qc%2BmP4yjJ6vsip%2F%2FoIgKyt4u5%2B22hBJjm2YzItFK6zXlt5tZT4rZ0MgspbJgM8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f26e9f3c7449-MIA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f26e2e727449-MIA
date
Fri, 05 Jan 2024 01:28:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89f0nd81JhIZbrtRvDdNXTJFJjp9gjk75RnCIrqtvkjXTzeynT9a7QncYDvWtLJ1mpaNd%2ByRx%2B%2BZUd%2BnxJYUgSezwTFmzLV0VjXlcjLRV6vJVBPmu4ePxkBu2Q87L2uYgFXn2aHS8fe42gDa%2B7Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
all
csm.us.criteo.net/ Frame A1B4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=2kihzg9UISSGukduTL4RIzL5w40dvN8Z_irf-uvMTFHWIXUShpIXzijc3nbU260lHTzxMjxgNQaj2B6_IHkv2w31thd4xmJXPYJ_4vuYR1yRbKpaoeGYPzXCltHJ9lfKQn_lMBLmmEv0-ILCMUOjg2zV99JMsJe4aH5VadyizSWGiJXAjtRAMF9FnPX-hD7OGac1MHF5f6DRfmcj3m3i1zAvVoXg79Y1kK-BgvsziIFCe9CbwCQn2zBbfw_qmm0-vVMR9w&sds=2&rev=90025&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZZdbTAADEn4IaCcKAAqevDP4T4gK--tJYxAIPA&u=%7CXEfrSS7KiJg%2B9O89rc8um8RLWiSWScKmFJit12HXCT0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF001uFa70DxO771mhLI1SmYvQ9FXoJngGw0jSGyv6XqYV-HaV7b-k68p07I58TBoWW9SmQGUnbYk85VzSbI3HyWCwADQAMnopGNApTYdJo3vx9ZlPWs9PuD-hFZCQbJEdHk-WIocY6OGbRGt7c92wCYCBlz7b9I7yjnyPnNviktPPKETUfbd5cLMlB2ICGsWsXqsE5YUy_1sm895CB2EQ5quBK5Vq6BTz9ffpskTWWjNucJhLY-EY5YReaUqBDEXLAsdSZX4sDeHfe8Pf3qg-J_Dsti464UdK6M0rVtXzCQSusv0MSpZJpk_OFvw8B-S4pO5na1tqDTISFtOPMaLuNYJdzVuwkuI397bwMWXwTomTvSBNfHzyEkD3faLdcOA7s9KmknNjmvVJjWWKCcIkqvdkH_l7M79B-qEQ6yTo0VW3FjfmUuNd1HjCfzyXD7_Jot2Yrd6cr1fPH8U_0V16wbmXKL6AcqbWCUTCnbKek7LHUygdhwaOuSQE8TAsl0VbV0soKN-IXYEhd05btgHhtuSOWJhMu9DDh0911J87z4l88&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClSsVTFuXZf6kDIrOoPMPvL2q0AGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzk1ODYzNTgzNTM4MDE1MMgBCagDAcgDAqoE-QFP0MYLP0Zd97MTteqCpyeG03lsjd73PHt364L9sldo7vutiXtONUz-FNpw78CVo1WQW6qMctuDMFML2Sfogz116Q6au5vhjRfKtE3nEXyDjpsuqimZHK5detsPBWo15fW9ztohboWrNEumMWznw1AdROyfIlz1VTq1RUBycHUzl_ZwhbuSkllrRMLzdj__PmrpHMU2GnxriVkxqDOJxsQUdiMLqo2MxH86S-nleLUOMdP8wyo-4150tqxX6lk1xMjc4u_T91AsVml8yVKwvXWIUaOondQvL1_NE-5IGg8fVgdzRZPFeE3jq084BEYI1QnYkmnjpv9jwwGABpju34yH193snAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY6N_dpozFgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jiM41XGdHkD9DsOKJ_cSvsEAeFw%26client%3Dca-pub-3958635835380150%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 05 Jan 2024 01:28:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
/
ssc-cms.33across.com/ps/ Frame D953 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP015 /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Fri, 05 Jan 2024 01:28:53 GMT
server
33XP015
x-33x-status
2000208
collect
v.clarity.ms/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Fri, 05 Jan 2024 01:28:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
player-event
events.qortex.ai/api/v1/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3hyCYUZG8bGZwHaAsyDN3dIeA5SIhxadjosUHbJQGfUmIiT1Xl82%2F9UBQk1oE3UhF%2FsDCTOMh20IChYUdHeYuduynN7plLMIW6fVbKERgkAfiZVCruygOU0AKYMfpA4ctz84ZKiFon7hIMIu3Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f274dddd7449-MIA
content-length
0
resources
demand.qortex.ai/api/v1/monetize/ 		21 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f098994becd6270ce7bf67f6abc784ba16163757bddf5fe8b8bf548679c37ee1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkbnnwJpVpuRvebfbMi0VDq43pq2Ml7dJFEuh7EXCjuM9xNsbwaDybnFPkAnt4fre1zQa%2FDS43kE6u5cUkemi9CHTi4tw2HGYYe5ZvltLGkY%2F6YmgJDfF7Ch9vcfkAIOmsWEI7i5cPwsdQs5gFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
8407f274dde17449-MIA
content-length
21
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2747cfe7449-MIA
date
Fri, 05 Jan 2024 01:28:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiKlaTcDH6mHruvgxCoszU7y3d%2F72OKtvJwVcyVJ3G54nw5CB%2BvFzcegtR9dC6EPRydgmlbuTHMEqbeilN6IFNtjOEPkDziSf13VQICcygRu66FdpFaZ6OXVKa%2BhoF2SkNnwK5OJLAxt8I5oKN8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
resources
demand.qortex.ai/api/v1/monetize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2747d007449-MIA
date
Fri, 05 Jan 2024 01:28:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X06C1wYYuMv%2BaZKkZGQsVUtMp7hhugd4uj8i5UClONWN1PB9kVMzQWyfaBVacaHKibVKSD5k47tIaWvC8qogLVFITMWNdyX8qPv9vMs0gyto2WoTzHbpc7VMmDHdormsKiVrjTc9miwj7dds%2F8I%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f27618667449-MIA
date
Fri, 05 Jan 2024 01:28:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hu4z7x9DjiTBXihdcvK0fNTy4oyYuEucyxvvow7oWjpeegTvbSv3%2BX6upCWZOVKvH1v9QVQOnVFfsKLqvHpLcpzbZBfpaBydzFnk5v37%2Bpp7EUQBp7oyzzb0aXe2zc%2BTkY6g33O6I1WfG%2F2Mi0w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeOwnRK4%2B1cxJdzPMX3Yd30xGJsrYMR5o2WEbEBs76lZDvzHQMbBNTsd9P5iKWoGpazr7%2FB6ay6cpvM5Jb5Mt%2Bo9igUx%2FeiShonjc6%2FFSjdLKQwIYXQ5nmhBlOm587ui4dmgp6DYyfKzTQMEc3A%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f27679637449-MIA
content-length
0
32202822055745462659705d2b64346.47145170-00003.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/32202822055745462659705d2b64346.47145170-00003.ts
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5acb6ef652ed2e4431be51d530d424a1c77f64cf98ea0fb39d89658f5ca46185

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:28:11 GMT
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
18043
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
1612852
last-modified
Thu, 04 Jan 2024 19:24:44 GMT
server
AmazonS3
etag
"068da817459ce65e9169a534b86fe482"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
9Ytlc9k6Xtt3ytBb0tlSyWR_HG_ZY_0FpvNbiA3vFAk5u9hfqPjNQQ==
player-event
events.qortex.ai/api/v1/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XIJ25nC7vIOlplIWngANj%2BtjesIG4T2rCR76rSBEhMDD%2BTSo1n4JRzJRU1yqybuW4pDMLlwVojB2osGulzHF%2FJ%2Fk57HtKa3MTAUlBxZv%2F8hEVMdgqh1OndT8Sgkr3LBRh62Ng2DGj%2BWFbfIwpg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f277cbbd7449-MIA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2776aed7449-MIA
date
Fri, 05 Jan 2024 01:28:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOJRLj9a%2FG%2FdWjy7eB6O5Rnnt9wfDH1jhM0At3RaXR6zFR9uBWkR%2BSpx9uxRTtUDtud6c1IspZSdgA0Xmz%2BDD7uxCd95YcIz7h8ewKEz9pNmaC0Q4WTseW9uLiYiL6DjOm7HR%2FGMkEn0YTORW8c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
pd
digikulture-d.openx.net/w/1.0/ Frame E25F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
657
content-type
text/html
date
Fri, 05 Jan 2024 01:28:54 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame DC14 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
72167
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 05 Jan 2024 01:28:54 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 24 Dec 2023 05:31:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
360, 154825
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760078-MIA
X-Timer
S1704418134.293687,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DB2A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=148803&us_privacy=1---
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71406
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:54 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame A1CF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5258305223
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:39 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
usync.html
eus.rubiconproject.com/ Frame FE7A 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:54 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame E503 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1079
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:54 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pbcas
ads.yieldmo.com/ Frame FAAD 		839 B
1020 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.225.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-225-207.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 05 Jan 2024 01:28:54 GMT
pragma
no-cache
vary
accept-encoding
/
de.tynt.com/deb/ Frame 7D05
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2008
content-type
text/html
date
Fri, 05 Jan 2024 01:28:53 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 05 Jan 2024 01:28:53 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8340000A
csync
sync.adtelligent.com/ Frame 0935
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3474197131523813000V10&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=750708&a=754412&domain=https://www.staradvertise...
43 B
459 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3474197131523813000V10&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=750708&a=754412&domain=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:54 GMT
Etag
0fa566d64aeda508
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Fri, 05 Jan 2024 01:28:54 GMT
expires
Fri, 05 Jan 2024 01:28:54 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=3474197131523813000V10&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=750708&a=754412&domain=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
isyn
prebid.a-mo.net/ Frame 1B94 		200 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CtABShZ3d3cuc3RhcmFkdmVydGlzZXIuY29tUgthYXMtNjQ1NzE1N1oIcGJhMS4zLjNqFnd3dy5zdGFyYWR2ZXJ0aXNlci5jb236AQY4LjI2LjDoAgGIA7q23awGqAM66gMkMDc0MDQwZDEtYmJhNi00ZjNkLTkzZTYtZTUxYzVmODAwNjQ3qgQDRENIsgUDVVNE0gUJMTA1MTk5Mzg22AUB4AUB6gUHZGVza3RvcPoFA255NaoHA3dlYsoHEnN0YXJhZHZlcnRpc2VyLmNvbeAHAQ
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:53 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
isyn
prebid.a-mo.net/ Frame C5CE 		200 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:53 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
csync
sync.adtelligent.com/ Frame 8B7A
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26...
  • https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=5394353749448417114&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=709112&a=743293&domain=https://www.staradvertiser.c...
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=5394353749448417114&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=709112&a=743293&domain=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:54 GMT
Etag
0fa566d64aeda508
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Fri, 05 Jan 2024 01:28:54 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=5394353749448417114&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=709112&a=743293&domain=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
server
nginx
iframe
cs.smartssp.iqzone.com/ Frame 9061 		0
0
ixmatch.html
js-sec.indexww.com/um/ Frame 4E7F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
34
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8407f27b980bdacd-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:54 GMT
expires
Fri, 05 Jan 2024 05:28:54 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 762D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a2165ovUyr7ykCrkHcnnVW&gdpr_consent=undefined&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP014 /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Fri, 05 Jan 2024 01:28:53 GMT
server
33XP014
x-33x-status
2000208
pd
u.openx.net/w/1.0/ Frame 3C1E 		911 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
549
content-type
text/html
date
Fri, 05 Jan 2024 01:28:54 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
csync.smilewanted.com/ Frame 9E43 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/?us_privacy=1---
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8407f27b7d167421-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:54 GMT
server
cloudflare
vary
Accept-Encoding
sync
x.bidswitch.net/ Frame F936
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=59e9df5d-c912-4e7b-b753-fe5a89a9761c&ssp=themediagrid&us_privacy=1---
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=59e9df5d-c912-4e7b-b753-fe5a89a9761c&ssp=themediagrid&us_privacy=1---
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
//x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=59e9df5d-c912-4e7b-b753-fe5a89a9761c&ssp=themediagrid&us_privacy=1---
date
Fri, 05 Jan 2024 01:28:54 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
ib.adnxs.com/prebid/ Frame F936
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%...
  • https://ib.adnxs.com/prebid/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=VEIznffDDzf1nB7iTMI_&gdpr=&gdpr_consent=&us_privacy=1---
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=VEIznffDDzf1nB7iTMI_&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
an-x-request-uuid
359f74ef-61fd-4cc5-89af-c46f28b55999
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://ib.adnxs.com/prebid/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=VEIznffDDzf1nB7iTMI_&gdpr=&gdpr_consent=&us_privacy=1---
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
sync
ch-match.taboola.com/ Frame BD45 		517 B
603 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 05 Jan 2024 01:28:54 GMT
machineid
3802
server
nginx
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2894 		185 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.6.0
Content-Type
application/json
access-control-allow-origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
hb
hb.undertone.com/ Frame 2894 		0
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3590&domain=staradvertiser.com&ccpa=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-73.iad89.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 7a99ed3f39c18af8fe138a695e5f657c.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
IAD89-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
c_OP2V_9AzriTzMjEWqfZ1mP9n4Pvncn2uYfK_IBGC9_VQMEs9UWCA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 2894 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame 2894 		19 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0&referrer=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&tmax=3000&us_privacy=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.35.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-35-34.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
accept-ch
sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 2894 		37 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=438214
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
851323488d133cdb7079d240a47b96f25db7385bf99adfbbc69c1af71e688403

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XQdM1sj4RI75Niz9vrLoo%2BjLYVAAcRTR4Wn8sXkF6HiVkYxVcNGj6vH6JOQIAeP5cZ%2F9WQlXPaKj9wWG8Rh9GDAD4OGZRTsLoryYv9f3phXP%2FsEW756IOS8XTALnt8KwtsQ376s"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8407f27a4ac625a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 2894 		11 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 2894 		139 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
00410ff787ee117aca6886699b8c1b78f9dec071e583603883f3b855e9b74b15
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
an-x-request-uuid
e34d9cc6-3581-4d8f-bb0f-7a7f4ba482d7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 2894 		103 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&pid=RpnEwdKqxMHYi&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!stnvideo.com%2CSTN_0001779%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*PSL19mRsp2eSNHfZHXax3p48aYSLeyTgjDI7RywaQXh6PkESV6xbj8FWB2xIPr39ej8cWgbQ9IK4p5B-RHR0LQ%22%2C%22pubcommon%22%3A%2295d1454d-e53e-46b3-b4de-3341491a2a03%22%2C%22audigent%22%3A%22%257B%2522hadronId%2522%253A%2522060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%2522%257D%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.66.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-66-130.iad12.r.cloudfront.net
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c1bfc7dbcf7f9782aa3be590b7ce3d6a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P1
x-amz-rid
98EV29QDQPCVP6J8NM9R
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
103
x-amz-cf-id
xPPQOSVmy5zUbUTSQDBUx3DhxEKmcB7uqb88f-pEQMPfSZ3dD06ALA==
player-event
events.qortex.ai/api/v1/ 		0
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=on%2Fa8rSlXBJ30DZPqC965hV8vxo2nueEUFZn940E84eQtwp5FQ1LDy1v9JzDdy%2FTEHqF5xYD3bI6Y2YFIuj0zQS%2BSU7HTcEWqSfhf9SL1bTUrPKVfl3%2B2tbVFuBoWLMpj7oKcQR%2FUquWAw6Sc3Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f27af9c97449-MIA
content-length
0
setuid
ib.adnxs.com/prebid/ Frame F936
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D%26gdpr_consent%3...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=26efbc08ee844f3d81569a7655eb8db1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=26efbc08ee844f3d81569a7655eb8db1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
an-x-request-uuid
8c0cd041-81a1-4ff2-a10d-7cc4dab0a092
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=26efbc08ee844f3d81569a7655eb8db1
access-control-allow-credentials
true
cf-ray
8407f27b7d197421-MIA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 05 Jan 2024 01:28:54 GMT
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f27a78d07449-MIA
date
Fri, 05 Jan 2024 01:28:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRnyvz5c1iBmpwjnOW8TSjF%2BEfXb2kTmYI1vkHvED%2BheQkeLZBk8qGtGFdkRpV64aKfrUBhUeqrYA%2FupXVUYGnmpLx2S%2B2NsKYZOhHjeAugMhAwG%2Bdny6JEH5Wlp6HgpFz%2ByUHXibrxK2hXMSVI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
6
tr.blismedia.com/v1/dpusync/ Frame E25F
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/openx
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=65975B48E0C2A3AB74921F42BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D65975B48E0C2A3AB7492...
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=65975B48E0C2A3AB74921F42BLIS
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia
  • https://tr.blismedia.com/v1/dpusync/6?uid=LQZYJ7Y5-28-J2H9
49 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/dpusync/6?uid=LQZYJ7Y5-28-J2H9
Requested by
Host: digikulture-d.openx.net
URL: https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://digikulture-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
cache-control
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://tr.blismedia.com/v1/dpusync/6?uid=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
sd
us-u.openx.net/w/1.0/ Frame E25F
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504534&nuid={OX_USER_ID}
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504534&nuid={OX_USER_ID}
Requested by
Host: digikulture-d.openx.net
URL: https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://digikulture-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504534&nuid={OX_USER_ID}
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame E25F
Redirect Chain
  • https://px.owneriq.net/eox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7577045212095128841P
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7577045212095128841P
Requested by
Host: digikulture-d.openx.net
URL: https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://digikulture-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 05 Jan 2024 01:28:54 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7577045212095128841P
Content-Type
text/html
Cache-Control
max-age=11423
Connection
keep-alive
Content-Length
154
sd
us-u.openx.net/w/1.0/ Frame E25F
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncOpenX
  • https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
Requested by
Host: digikulture-d.openx.net
URL: https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://digikulture-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
date
Fri, 05 Jan 2024 01:28:54 GMT
content-type
text/plain
sd
us-u.openx.net/w/1.0/ Frame E25F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=4f460ba9-d9c6-40da-9953-454edfe3e1c2
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662087854649738
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662087854649738
Requested by
Host: digikulture-d.openx.net
URL: https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://digikulture-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
381
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662087854649738
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8407f27d0fc33dd7-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
sync.targeting.unrulymedia.com/csync/ Frame E25F
Redirect Chain
  • https://sync.1rx.io/usersync/openx/d54b6a76-370c-4b2f-bee5-a2418b855582
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Requested by
Host: digikulture-d.openx.net
URL: https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://digikulture-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame E25F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?val=AAAQHk7LLrYAABaDzK28HA&id=537125688
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?val=AAAQHk7LLrYAABaDzK28HA&id=537125688
Requested by
Host: digikulture-d.openx.net
URL: https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://digikulture-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?val=AAAQHk7LLrYAABaDzK28HA&id=537125688
Date
Fri, 05 Jan 2024 01:28:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame E25F 		57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=opx&ovsid=8e51138b-e7b9-43a4-8d47-85c79fd28b22
Requested by
Host: digikulture-d.openx.net
URL: https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.39.176.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-176-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://digikulture-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 05 Jan 2024 01:28:54 GMT
sd
us-u.openx.net/w/1.0/ Frame E25F
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CAB_10EC9D625_96FC73C6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CAB_10EC9D625_96FC73C6
Requested by
Host: digikulture-d.openx.net
URL: https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://digikulture-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CAB_10EC9D625_96FC73C6
Date
Fri, 05 Jan 2024 01:28:53 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-387422934; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
195
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame E25F
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=wEAGKYle1Rlz0J5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=wEAGKYle1Rlz0J5
Requested by
Host: digikulture-d.openx.net
URL: https://digikulture-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://digikulture-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:54 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0e9829bb004758a80@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=wEAGKYle1Rlz0J5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame FE7A 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12329
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
setuid
ib.adnxs.com/prebid/ Frame E503 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2687056411155449827788
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
an-x-request-uuid
c65d89bf-7c31-4a64-a0e8-806a7745cddd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame E503
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&dongle=4430
Date
Fri, 05 Jan 2024 01:28:54 GMT
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame E503
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=6adc7340-ca96-462d-b37b-baa1d1730357&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=6adc7340-ca96-462d-b37b-baa1d1730357&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=6adc7340-ca96-462d-b37b-baa1d1730357&dongle=d54f&gdpr=0&gdpr_consent=
Date
Fri, 05 Jan 2024 01:28:54 GMT
Connection
keep-alive
X-CI-RTID
5b1f4cdf-cdb8-4459-aedc-c5c44f5e27e1
Content-Length
149
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame E503 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.92.239 Ashburn, United States, ASN (),
Reverse DNS
ec2-54-146-92-239.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:54 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame E503 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.92.239 Ashburn, United States, ASN (),
Reverse DNS
ec2-54-146-92-239.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:54 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame E503 		42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2687056411155449827788&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EF3925AC356B4460A39FA0F9B83FA3DD Ref B: MIAEDGE2820 Ref C: 2024-01-05T01:28:54Z
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame E503
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAAQHk7LLrYAABaDzK28HA&dongle=bzwx&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAAQHk7LLrYAABaDzK28HA&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAAQHk7LLrYAABaDzK28HA&dongle=bzwx&gdpr=0
Date
Fri, 05 Jan 2024 01:28:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame E503
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504534&gdpr_consent=&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504534&gdpr_consent=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504534&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame E503
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame E503 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2687056411155449827788
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
sync
ads.yieldmo.com/v000/ Frame FAAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEPrb84b2eii1lpp15gN_TUQ&google_cver=1
43 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEPrb84b2eii1lpp15gN_TUQ&google_cver=1
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.72.225.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-225-207.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEPrb84b2eii1lpp15gN_TUQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/ Frame FAAD
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQZYJ7Y5-28-J2H9
43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LQZYJ7Y5-28-J2H9
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.72.225.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-225-207.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LQZYJ7Y5-28-J2H9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
pixel
cm.g.doubleclick.net/ Frame FAAD 		170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=VkVJem5mZkREemYxbkI3aVRNSV8=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ro
match.prod.bidr.io/cookie-sync/ Frame FAAD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=8538124443
19 B
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ro?rndcb=8538124443
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
HTTP/1.1
Server
54.164.14.168 , United States, ASN (),
Reverse DNS
ec2-54-164-14-168.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
19
content-type
text/plain

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
etag
RX1b1c05a4a7cb4073855993f6a89d18e6005
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.prod.bidr.io/cookie-sync/ro?rndcb=8538124443
cache-control
no-store, no-cache, must-revalidate
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame FAAD 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=VEIznffDDzf1nB7iTMI_
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
cframe.js
assets.a-mo.net/js/ Frame 1B94 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CtABShZ3d3cuc3RhcmFkdmVydGlzZXIuY29tUgthYXMtNjQ1NzE1N1oIcGJhMS4zLjNqFnd3dy5zdGFyYWR2ZXJ0aXNlci5jb236AQY4LjI2LjDoAgGIA7q23awGqAM66gMkMDc0MDQwZDEtYmJhNi00ZjNkLTkzZTYtZTUxYzVmODAwNjQ3qgQDRENIsgUDVVNE0gUJMTA1MTk5Mzg22AUB4AUB6gUHZGVza3RvcPoFA255NaoHA3dlYsoHEnN0YXJhZHZlcnRpc2VyLmNvbeAHAQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 b26547db1e1891a614cdee548c1b3f08.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
296
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
8407f27c2fea67de-MIA
x-amz-cf-id
GUyyDMblVUmlqp07v6xwYZWJaEZMxdPAR9c6YVaoqFOPIcFzZLyEGQ==
expires
Fri, 05 Jan 2024 02:28:54 GMT
cframe.js
assets.a-mo.net/js/ Frame C5CE 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 b26547db1e1891a614cdee548c1b3f08.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
296
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
8407f27c381767de-MIA
x-amz-cf-id
GUyyDMblVUmlqp07v6xwYZWJaEZMxdPAR9c6YVaoqFOPIcFzZLyEGQ==
expires
Fri, 05 Jan 2024 02:28:54 GMT
sd
us-u.openx.net/w/1.0/ Frame 3C1E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=4f460ba9-d9c6-40da-9953-454edfe3e1c2
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662087854649738
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662087854649738
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
347
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662087854649738
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8407f27d0fc53dd7-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
sync.targeting.unrulymedia.com/csync/ Frame 3C1E
Redirect Chain
  • https://sync.1rx.io/usersync/openx/d54b6a76-370c-4b2f-bee5-a2418b855582
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame 3C1E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?val=AAAQHk7LLrYAABaDzK28HA&id=537125688
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?val=AAAQHk7LLrYAABaDzK28HA&id=537125688
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?val=AAAQHk7LLrYAABaDzK28HA&id=537125688
Date
Fri, 05 Jan 2024 01:28:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 3C1E 		57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=opx&ovsid=8e51138b-e7b9-43a4-8d47-85c79fd28b22
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.39.176.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-176-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 05 Jan 2024 01:28:54 GMT
sd
us-u.openx.net/w/1.0/ Frame 3C1E
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CAB_10EC9D625_96FC73C6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CAB_10EC9D625_96FC73C6
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CAB_10EC9D625_96FC73C6
Date
Fri, 05 Jan 2024 01:28:54 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-387422934; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
195
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 3C1E
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=wEAGKYle1Rlz0J5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=wEAGKYle1Rlz0J5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:54 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0d750058cf9bb9763@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=wEAGKYle1Rlz0J5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f27dbfa57449-MIA
date
Fri, 05 Jan 2024 01:28:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjkBUdqADJ%2Btuz8l2hd2KU827LMEer2ge2H1R6pYikSUtiEZ5A%2BEbN3PnEWkuWjsSeFc7kLJHEbrPkoBZAKhyFOqfpAZKPNwgq6QQLMi1fQ7gmb2rpNlhhbwwXI4SFyn1Z2N%2FJkyEB0WKae0j9g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsUcZjvDSDxLGu7JUKOKTyBK1dp3LjKK5w0ADgFHw3UtTq2mRfCLuSV8tqJGK7ly3R7SIkAgZA4xTNm1ar2E5siP4vjrV5AGJNPkeer7U1E56riVm6nr1zK7Maj9qbJcxfUKnC9eO66G%2BFdj9YI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f27e38ac7449-MIA
content-length
0
resources
demand.qortex.ai/api/v1/monetize/ 		21 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgfOGwx6QWFhzYjFWt4diqp9cXe3GCsKPRPB0yGcu3hCznI8mXNHqSRZGLPQxPWCfXAmbUNzbGVjH7Fd76pmQqmflAMlTIW%2FDKn5xtJs1%2BaGso5CJUp5w6Dy%2B72%2BVk0GNE7xsJQODxfwF6UbdLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
8407f27e28847449-MIA
content-length
21
resources
demand.qortex.ai/api/v1/monetize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f27dcfad7449-MIA
date
Fri, 05 Jan 2024 01:28:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fi%2FGqC2%2F0BOohJPgA3eC%2FJcj23q3c0lhXYJy14Mv8YH7WPgMn6DIWqUVud5FoD7vK4dEvRlHRNMgSe6qpUaX1Uh9onD8FKei%2FabIIWYOpRR7aORcfEXb0MDibsig12K6JMU8s5a8F2OSMM4OY9E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame BD45
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4d715134-4d31-4835-964f-77d87de546c4&ssp=taboola&expires=30&user_group=5&bsw_param=f23bd312-5bb6-424a-95e9-d15220f0e7dc
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
62168

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Fri, 05 Jan 2024 01:28:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame BD45
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-Nxe5n_VE2uHbjxGaL_QMu55nR.2k4XoM~A&gdpr_in_effect=0
0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-Nxe5n_VE2uHbjxGaL_QMu55nR.2k4XoM~A&gdpr_in_effect=0
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
61978

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-Nxe5n_VE2uHbjxGaL_QMu55nR.2k4XoM~A&gdpr_in_effect=0
date
Fri, 05 Jan 2024 01:28:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=214055123&version=7.29.3-U&age=240105&ldt=BIDS&key=y3roexcY&c_id=13479&seq=1&order=10&vIndex=0&absoluteTime=31169.2&relativeTime=26812.1&sm_id=3287948&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=13512&load=1&status=LVFNSNIY&ac_id=2008&bidIndex=2&prebid.cid=0&prebid.bidders.rubicon.time=433.3&prebid.bidders.undertone.time=168.9&prebid.bidders.pubmatic.time=541.1&prebid.bidders.triplelift.time=165.1&prebid.bidders.ix.time=163.9&prebid.bidders.unruly.time=606.1&prebid.bidders.appnexus.time=160.6&prebid.start=30549.1&prebid.time=619.7&prebid.timeout=3000&adIndex=0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p
sb.scorecardresearch.com/ Frame 2894 		43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1704418111065&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=16100&ns_st_cl=34073&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3287948&ns_st_pt=16100&ns_st_dpt=16100&ns_st_ipt=6091&ns_st_ap=16100&ns_st_dap=16100&ns_st_et=16100&ns_st_det=16100&ns_st_upc=16100&ns_st_dupc=16100&ns_st_iupc=6091&ns_st_upa=16100&ns_st_dupa=16100&ns_st_iupa=6091&ns_st_lpc=16100&ns_st_dlpc=16100&ns_st_lpa=16100&ns_st_dlpa=16100&ns_st_pa=16100&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1704418134731&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Oahu%20Publications%20Recirc&c3=sendtonews&c4=News&c6=*null&c7=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&c8=&c9=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-29.iad12.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
via
1.1 6400936fc4525d1c60e3e8fee9d4806e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
LicrWibThXYpLfCYKgU-otjv1eRQ3Awhz74HA0KvTfTtAoucBJ_MKQ==
setuid
ib.adnxs.com/prebid/ Frame F936
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26...
  • https://ib.adnxs.com/prebid/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
an-x-request-uuid
75b058b9-8532-4639-bc4f-5811932a3f6d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
date
Fri, 05 Jan 2024 01:28:53 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
176
content-type
text/html; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame A164 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://ch-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:54 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 7D05
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1704418134458.&ri=0010b00002T3JniAAF&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XU...
  • https://sync.adtelligent.com/csync?t=a&ep=304056&extuid=212429669350874&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=488210&a=304056&domain=https://www.staradvertiser.com/2...
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=304056&extuid=212429669350874&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=488210&a=304056&domain=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Protocol
HTTP/1.1
Server
23.227.146.18 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:54 GMT
Server
Adtelligent
Etag
0fa566d64aeda508
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://sync.adtelligent.com/csync?t=a&ep=304056&extuid=212429669350874&traffic_source=snippet&session=13A73333B6E4BAA1&sp=792813&pb=554204&c=488210&a=304056&domain=https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
ssc-cms.33across.com/ps/ Frame 7D05
Redirect Chain
  • https://cs.admanmedia.com/ad78321e103d19bf85068e7bf407c77f.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D121%26us_privacy%3D%26xu%3D%5BUID%5D
  • https://ssc-cms.33across.com/ps/?xi=121&us_privacy=&xu=b92d9acc-1898-4487-959a-a4caca37df9b
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=121&us_privacy=&xu=b92d9acc-1898-4487-959a-a4caca37df9b
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Protocol
H2
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:54 GMT
server
33XP018

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:54 GMT
Server
nginx
Location
https://ssc-cms.33across.com/ps/?xi=121&us_privacy=&xu=b92d9acc-1898-4487-959a-a4caca37df9b
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
match
events-ssc.33across.com/ Frame 7D05
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc1MDI2NzU4Mi90LzI/url/https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D44%26ts%3D1704418134458.3%26us_privacy%3D%26xu%3D%24!%7BTURN_UUID%7D
  • https://ssc-cms.33across.com/ps/?xi=44&ts=1704418134458.3&us_privacy=&xu=7898252983751812422
  • https://events-ssc.33across.com/match?bidder_id=44&external_user_id=7898252983751812422&ts=1704418134&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=44&external_user_id=7898252983751812422&ts=1704418134&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=44&external_user_id=7898252983751812422&ts=1704418134&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
ssc-cms.33across.com/ps/ Frame 7D05
Redirect Chain
  • https://sync.1rx.io/usersync2/33across?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3D%5BRX_UUID%5D
  • https://sync.targeting.unrulymedia.com/csync/RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3DRX-1b1c05a4...
  • https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Protocol
H2
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP017 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:54 GMT
server
33XP017

Redirect headers

location
https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
date
Fri, 05 Jan 2024 01:28:54 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1b1c05a4a7cb4073855993f6a89d18e6005
content-type
text/html
/
ssc-cms.33across.com/ps/ Frame 7D05
Redirect Chain
  • https://csync.loopme.me/?pubid=11575&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D122%26us_privacy%3D%26xu%3D%7Bviewer_token%7D
  • https://ssc-cms.33across.com/ps/?xi=122&us_privacy=&xu=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=null&gdpr=0
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=122&us_privacy=&xu=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=null&gdpr=0
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Protocol
H2
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP016 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:55 GMT
server
33XP016

Redirect headers

location
https://ssc-cms.33across.com/ps/?xi=122&us_privacy=&xu=d08b0939-e7dd-47e1-a1ce-13919d351d77&gdpr_consent=null&gdpr=0
date
Fri, 05 Jan 2024 01:28:55 GMT
server
_
content-length
0
match
events-ssc.33across.com/ Frame 7D05
Redirect Chain
  • https://pxl.iqm.com/i/ck/ttacross?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D123%26ts%3D1704418134458.6%26us_privacy%3D%26xu%3D%5BPUID%5D
  • https://ssc-cms.33across.com/ps/?xi=123&ts=1704418134458.6&us_privacy=&xu=a1113839-bfab-4664-9a61-231408946c0d
  • https://events-ssc.33across.com/match?bidder_id=123&external_user_id=a1113839-bfab-4664-9a61-231408946c0d&ts=1704418135&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=123&external_user_id=a1113839-bfab-4664-9a61-231408946c0d&ts=1704418135&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=123&external_user_id=a1113839-bfab-4664-9a61-231408946c0d&ts=1704418135&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
ssc-cms.33across.com/ps/ Frame 7D05
Redirect Chain
  • https://cs.mobfox.com/4601c426c7c74dd7172eb80111ccb2bf.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D126%26us_privacy%3D%26xu%3D%5BUID%5D
  • https://ssc-cms.33across.com/ps/?xi=126&us_privacy=&xu=cf3a1f96-0f85-4c9a-95cf-17897e8f8f7f
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=126&us_privacy=&xu=cf3a1f96-0f85-4c9a-95cf-17897e8f8f7f
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Protocol
H2
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP014 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13A73333B6E4BAA1%26sp%3D792813%26pb%3D554204%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 05 Jan 2024 01:28:55 GMT
server
33XP014

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:56 GMT
Server
nginx/1.24.0
Location
https://ssc-cms.33across.com/ps/?xi=126&us_privacy=&xu=cf3a1f96-0f85-4c9a-95cf-17897e8f8f7f
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
player-event
events.qortex.ai/api/v1/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAF5lcTtjOB%2BgY%2FBmKGc0u52gMZc4XMrBXJEBL7Vd1Z33fUQ6TVvMRZz%2BpMQLcRpjHUrLZ5oPuaz1J8Z2dz6PhSyh9wV7j%2F4kO7C37ohE%2FW%2FHW3MeiZfmiv%2BqlLRKq1x1%2Fx7U23tVwiqAOumQs0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f27f0a727449-MIA
content-length
0
async_usersync
ib.adnxs.com/ Frame DC14 		0
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
an-x-request-uuid
f7bd81ea-2663-48fd-aae8-4442b80ff72e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f27e999d7449-MIA
date
Fri, 05 Jan 2024 01:28:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVjgXfOWCB9zSWXoxN3zvVuyv6kiZevmxDNIjytdghMaLjXxXVA5llO9werc%2Fwa83KicAnk%2FNivp3G5tCQ75gREg02VgGWAn4b0HHMF6kROXay0C4YutKtVQ4ajbrfrQiDuzzT2pl7w6GoUGnFA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
khaos.json
token.rubiconproject.com/ Frame FE7A 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 9E43 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
165642
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8407f27f0c177421-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2E5E 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fhonolulustar-advertiser-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214055123-YAMFxqR3qCYbUd0e%26schain%3Dstnvideo.com%2CSTN_0001779%26content%3D13512%26placementType%3DPremium%26embed%3Dy3roexcY%26domain%3Dstaradvertiser.com%26player_size%3Dsmall%26player_width%3D300%26player_height%3D169%26player_type%3Dfloat%26smartmatch%3Dno%26version%3D7.29.3-U%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00392%26rand%3D14%26uhr%3D15%26us_privacy%3D1---%26keywchk%3Dok&url=https%3A%2F%2Fwww.staradvertiser.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&cue=15000&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=midroll&pod=2&mridx=1&rmridx=3&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263574&us_privacy=1---&hl=en&cmsid=2631244&plcmt=2&vconp=2&video_doc_id=3287948&vpa=auto&vpmute=1&cnc=5136785&kfa=0&tfcd=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&gdpr=0&sdki=445&ptt=20&adk=3899717468&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=91645F80-E325-4D16-891B-F5C4D65C6084&a3p=EhsKDGlkNS1zeW5jLmNvbRj1qPK5zTFIAFICCG8SGQoKY3JpdGVvLmNvbRj2qPK5zTFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBj2qPK5zTFIAFICCG8SGwoMbGl2ZXJhbXAuY29tGPao8rnNMUgAUgIIbxIdCg5saXZlaW50ZW50LmNvbRj2qPK5zTFIAFICCG8SGwoMMzNhY3Jvc3MuY29tGPao8rnNMUgAUgIIbxIZCgp1aWRhcGkuY29tGPao8rnNMUgAUgIIbxI7CgpwdWJjaWQub3JnEiQ5NWQxNDU0ZC1lNTNlLTQ2YjMtYjRkZS0zMzQxNDkxYTJhMDMY9ajyuc0xSAA.&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&top=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&loc=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&dlt=1704418103961&idt=8723&dt=1704418134873&cookie=ID%3Dd5d9bc13cd177aaf%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_MZ4BZolVYIVHU4en5ncGzXTq6T5rg&gpic=UID%3D00000db0f4ed2e2f%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_Masyh_oFPy02WMRXLg2ivGrwvOkVA&correlator=1149493711195984&scor=665569721599138&ged=ve4_td31_tt22_pd31_la31000_er393.1024.548.1324_vi0.0.1200.1600_vp100_ts18_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A164 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12329
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
/
track.adform.net/Serving/Cookie/ Frame A1CF 		92 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5258305223
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
200
expires
-1
usync.html
eus.rubiconproject.com/ Frame C2C4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5258305223
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:55 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/ Frame A1CF
Redirect Chain
  • https://id5-sync.com/s/286/9.gif?puid=48de1664-fb49-47b7-b409-1zz1704418099&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fgdpr%3D0%26euco...
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F441%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/286/441/8/2.gif?puid=u_8a0f8237-cd03-48f2-b488-4ca53ffb58fd&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F429%2F7%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/286/429/7/3.gif?puid=A0864502-06A0-4ED8-A79E-7CD263E71299&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAAQHk7LLrYAABaDzK28HA&id5AccountNum=155&numCascadesAllowed=9
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/286/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/286/2/5/5.gif?puid=7386633197929965226&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F203%2F4%2F6.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/286/203/4/6.gif?puid=8b8293d3-9878-4b12-9ae2-54436c2413c7&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F3%2F7.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F3%2F7.gif%3Fp...
  • https://id5-sync.com/cq/286/124/3/7.gif?puid=4865ca2b-af3b-4ab5-b1cc-eb965768646e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/286/108/2/8.gif?puid=4997edfe-4ce1-4693-848f-c8b66f02f74e&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F434%2F1%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/286/434/1/9.gif?puid=770043a8-af77-46db-9a99-c38ce904d888&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F796%2F0%2F10.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consen...
  • https://id5-sync.com/c/286/796/0/10.gif?puid=6adc7340-ca96-462d-b37b-baa1d1730357&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA
95 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5258305223
Protocol
H2
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Fri, 05 Jan 2024 01:28:42 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA
date
Fri, 05 Jan 2024 01:28:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/ Frame A1CF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&euconsent=&domain=sync.richaudience.com
95 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&euconsent=&domain=sync.richaudience.com
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5258305223
Protocol
H2
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Fri, 05 Jan 2024 01:28:39 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=736096f3-a33b-4e74-a900-147a47dba0f3&gdpr=0&euconsent=&domain=sync.richaudience.com
date
Fri, 05 Jan 2024 01:28:54 GMT
server
Kestrel
content-length
333
sync.html
s.adtelligent.com/ Frame 3D39 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=829538&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:940::2 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.staradvertiser.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
902
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:54 GMT
Server
Adtelligent
X-Robots-Tag
noindex
khaos.json
token.rubiconproject.com/ Frame A164 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 60A1 		0
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/?us_privacy=1---
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8407f27fad637421-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:55 GMT
server
cloudflare
vary
Accept-Encoding
6066353311403014312
csync.smilewanted.com/set_partner_userid_get/smart/ Frame A9DA
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/6066353311403014312
0
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/6066353311403014312
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8407f2826a1e7421-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:55 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 05 Jan 2024 01:28:54 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/6066353311403014312
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f27fbbb57449-MIA
date
Fri, 05 Jan 2024 01:28:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiOYmo7rlqoA62zJ%2F2J8zHdG7hmNY4RrRvfmqTDyS4uagRe2n6GO%2BUGOagiV8fRZ56eWHPD%2B93ypzluY%2Foq%2BQZI0%2F9UEQN8Z%2BnaqiJX6KOE9T4rgLPzEyeZvoiDm6qeiCx%2FMqcz2StXiJDLwJmw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9edyh4CS4FdS2%2BcBHBR%2B9mx5FB2vXA1rvIbcVmB7Slpl6%2FMBm5lX5jloS73IuaoxcrKrpYsPQTQQsnist0KAQ4QSvQO5ywx%2FSTmz2uq4y9mk82CePbk%2BUBXgO%2FbXbm5xkMn%2Fef7BbUi66dOOO2o%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f2802c9b7449-MIA
content-length
0
7386633197929965226
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 1BCE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7386633197929965226
0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7386633197929965226
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8407f2806ebf7421-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:55 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
3cf0be64-2b7c-4ce3-9986-f0e49c57fdc3
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:55 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7386633197929965226
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame A164
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8MuwCLAZYi8NDfbKruBKwFoeH-mRXcS0AAABgYID-AIk4J5uJw-RbCxam5Vq0Gk7Wws1k5FYZloPdYjKxrRyrISAR52QzcZh8a8HCtFyLVsPJWriZjNwqw3KwW0wmtpVjNQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG9ih6XT4XPd63e9315welofJ9rKcnp6X5a7xu_2SwWS0Fyz2gtFeYnk5vE67zy13-T5_td_ycouODrtbMlgr7VbX5WVyK2yml-Utd_neyr_l69Y4Tc-35nXxPZxv0eXhtLtFLsvDafb85QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaA8Q0CziwHBHf5Dsq_5esPAAAAACAAAAAASAAM7DeWALh4TTzx_________x9jgD7zRsb_____jYUeAA8-AB6EAAAAXAwxl61BrB3ZLSdyYFOEEQAAAAATQjujI5N0gopFlf___34rAFcAAAIYr3nIlrLoDkq8hQEAACgYs0APi99vdtg1frfL_P________-b-T_zj0ZoZGYmjfAkPKmaX0AAgDW_gAAAbNQNAMCbADhBJwBWRyEWs8FyM1kOlrMDAAAAcOf___9fD8jMfIvBxGTYbTwr32oz8Q1XE4dtZlmYbBvjxjTYHvHI_4yiLyjiPiHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBgtRptVjPPWuUyzdyilWO0Fm5GE7duuBwsTDPjZmWzuUWvj-njHKwME48XCQaw7UXytEgnssnKNfEtJoPByDba7JbDjck2WZgcI9PGspgYJxOxRHOySCeyy74z8y0GE5Nht_GsfKvNxDdcTRy2mWVhsm2MG9NgX1itRpvVzLNWuUwzt2jlGK2Fm9HErRsuBwvTzLhZ2Wxu0etj-jgHK8PE42_sBqPRYrgYDPeN3WA0WgwXg-G-Q2f4rj5no_JlzHiEIpE4sdvZnAaFy2DxTosWaetw9Bl1XttEmFqbdo6JVWiVeA0Kz8FjGhtr6sPfmlvtbhaF42BRxBLBRTrRO4yut-b0sDxMtpfl9PS8LBexRGm6SCd6yWAy2gsWe8FoL7G8HF6n3eeWu3yfv9pveblFR4fdLRmslXar6_IyuRU208vylrt8b-Xf8nVrnKbnW_O6-B7Ot-jycNrdIpfl4TR7LmKJ4HSRTkQv4-mi_qOGGc4Vm8lcsRjOdYNVAgAAAAAAAACwBJNMNwEAAABwMpDZYjBYrdNBrFaTyWy1XAARVqy6fv5ZsHPebBl3SamVa7HF1qEUa-yxiXcYXW_N6WF5mGwvy-npeVmuDCDCSpXZZp8RxFqtljUAAAABbAAAAAHcdONNwJkV9____z8OAAAAgBx6AAAA9PuAooqFH7lQ7PkVxGIxGO0fgAqxVqvV7cZarVZAgdpNIABAQD1BAAAAAACAFTA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
62168

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame FE7A
Redirect Chain
  • https://cm.smadex.com/sync?sm_p=rbc&sm_r=rbc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=006b79a6-e17b-428f-a319-4028618a9396&expires=30
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=006b79a6-e17b-428f-a319-4028618a9396&expires=30
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=006b79a6-e17b-428f-a319-4028618a9396&expires=30
date
Fri, 05 Jan 2024 01:28:55 GMT
via
1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
x-amz-cf-id
WDzmusUJuYRm6feO7DNFg0uPYzCtANz0mlc-WfVwZWW-niiNECNGvA==
x-cache
Miss from cloudfront
tap.php
pixel.rubiconproject.com/ Frame FE7A
Redirect Chain
  • https://id5-sync.com/i/175/9.gif?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=16829&nid=2820&put=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=16829&nid=2820&put=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=16829&nid=2820&put=ID5-f642P3hmo8kgth1GYnAaxSioQNBv5STXJvqDdw6AvA
date
Fri, 05 Jan 2024 01:28:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
o
usync.vrtcal.com/ Frame FE7A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16466&gdpr=0&us_privacy=1---
  • https://usync.vrtcal.com/o?xs=1624&did=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
35 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usync.vrtcal.com/o?xs=1624&did=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
54.176.146.78 -, , ASN (),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.26
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
server
Apache/2.4.7 (Ubuntu)
x-powered-by
PHP/5.5.9-1ubuntu4.26
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usync.vrtcal.com/o?xs=1624&did=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
usync.js
eus.rubiconproject.com/ Frame C2C4 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12328
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
LQZYJ7Y5-28-J2H9
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 7A0A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQZYJ7Y5-28-J2H9?gdpr=0
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQZYJ7Y5-28-J2H9?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8407f2826a237421-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:55 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LQZYJ7Y5-28-J2H9?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
636a4452fa95aad32992c06634d4089f
content-length
0
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame A1CF 		95 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?gdpr=0&gdpr_consent=&uid=5394353749448417114
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5258305223
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5258305223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Fri, 05 Jan 2024 01:28:39 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9FC1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71405
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:55 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame C2C4 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
server_match
ice.360yield.com/ Frame B639 		43 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.218.249 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Fri, 05 Jan 2024 01:28:55 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
e337b882-7cdc-47da-a87d-3c455381b18c
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 7756
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/e337b882-7cdc-47da-a87d-3c455381b18c
0
619 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/e337b882-7cdc-47da-a87d-3c455381b18c
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8407f282dadc7421-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:55 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Fri, 05 Jan 2024 01:28:55 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/e337b882-7cdc-47da-a87d-3c455381b18c
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
H8B4hBZHEQ_m7NwFTi24NL7-
csync.smilewanted.com/set_partner_userid_get/sovrn/ Frame 483B
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/H8B4hBZHEQ_m7NwFTi24NL7-
0
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/sovrn/H8B4hBZHEQ_m7NwFTi24NL7-
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8407f282fb347421-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:55 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Fri, 05 Jan 2024 01:28:55 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/sovrn/H8B4hBZHEQ_m7NwFTi24NL7-
X-Sovrn-Pod
ad_ap1dca1
csi
csi.gstatic.com/ Frame 2E5E 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqzyjgyf&c=5102184516937&slotId=2551092258468.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44804291%2C44806075
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1004::5e Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=214055123&version=7.29.3-U&age=240105&ldt=NO_IMP&key=y3roexcY&c_id=13479&seq=1&order=11&vIndex=0&absoluteTime=31771&relativeTime=27413.9&sm_id=3287948&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=13512&load=1&status=LVFNSNIY&ac_id=2008&adIndex=0&DS=found&prebidABS=G&prebidABC=[[1,%22control_mod_del%22],[1,%22bidder_mod%22,%220_mod%22],[1,%22bidder_del%22,%220_del%22]]&eg.enabled=false&eg.delay=15&eg.ctdwn=5&eg.vl=30&eg.mid=rm&eg.source=p6&eg.time=false
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p
sb.scorecardresearch.com/ Frame 2894 		43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1704418111065&ns_st_ec=3&ns_st_sp=1&ns_st_sc=1&ns_st_psq=2&ns_st_asq=2&ns_st_sq=2&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=16035&ns_st_cl=34073&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3287948&ns_st_pt=16100&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=16100&ns_st_dap=0&ns_st_et=16693&ns_st_det=593&ns_st_upc=16100&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=16100&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=16100&ns_st_dlpc=0&ns_st_lpa=16100&ns_st_dlpa=0&ns_st_pa=16100&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1704418135324&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=0&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Oahu%20Publications%20Recirc&c3=sendtonews&c4=News&c6=*null&c7=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&c8=&c9=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-29.iad12.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
via
1.1 6400936fc4525d1c60e3e8fee9d4806e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
TMUKDPei_fvllTe0sSh8_GXZ8LBqEoNqQrzbCiW0StAbyJL-IbGWKg==
5394353749448417114
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 2F56
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/5394353749448417114
0
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/5394353749448417114
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8407f2836c287421-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:55 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Fri, 05 Jan 2024 01:28:55 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/5394353749448417114
server
nginx
player-event
events.qortex.ai/api/v1/ 		0
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xojNR0D8o%2BXy%2BG9x4KkhlIEAS%2ByADxNDqbiDAfUdyxZeBY5jmqsslBUK6LI4IBy%2FzqdtdkdN8TTfoqQhMUy5ohCTXl1Xu0Wyu4AhHSyNGtjDBqmDbXljm3TUnr3sF8uuroz2JN9XhMuhbgel6D8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f28259977449-MIA
content-length
0
5a3c3256-d9f2-4367-85f1-32f976afad14
csync.smilewanted.com/set_partner_userid_get/adwmg/ Frame 1807
Redirect Chain
  • https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CON...
  • https://csync.smilewanted.com/set_partner_userid_get/adwmg/5a3c3256-d9f2-4367-85f1-32f976afad14
0
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adwmg/5a3c3256-d9f2-4367-85f1-32f976afad14
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8407f2846e8d7421-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:55 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 05 Jan 2024 01:28:55 GMT
Expires
0
Keep-Alive
timeout=5
Location
https://csync.smilewanted.com/set_partner_userid_get/adwmg/5a3c3256-d9f2-4367-85f1-32f976afad14
Pragma
no-cache
/
sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/ Frame C2C4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
95 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5258305223
Protocol
H2
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Fri, 05 Jan 2024 01:28:39 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LQZYJ7Y5-28-J2H9&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
/
ads.us.e-planning.net/uspd/1/ Frame CDCD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=829538&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 05 Jan 2024 01:28:55 GMT
expires
Fri, 05 Jan 2024 01:28:55 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1215
/
ssc-cms.33across.com/ps/ Frame D84B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D488210%26a%3D304056%26domain%3Dstaradvertiser.com
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=829538&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP015 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
server
33XP015
x-33x-status
2000208
setuid
ib.adnxs.com/prebid/ Frame 0149 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=%7Buid%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=829538&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid
9bc145c3-d29c-4ca1-8d0e-368a185f7128
cache-control
no-store, no-cache, private
content-length
43
content-type
image/gif
date
Fri, 05 Jan 2024 01:28:55 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
csync
sync.adtelligent.com/ Frame 3D39
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26...
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7386633197929965226&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=529070&a=297253&domain=staradvertiser.com
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7386633197929965226&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=529070&a=297253&domain=staradvertiser.com
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=829538&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
23.227.146.18 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
Server
Adtelligent
Etag
0fa566d64aeda508
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
an-x-request-uuid
a081e4eb-2fe1-4706-8d31-ab6216360a9f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7386633197929965226&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=529070&a=297253&domain=staradvertiser.com
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 3D39
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3...
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c95c11bf-b46f-4d09-bc4a-c5473e8fb6fe&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=603469&a=307558&domain=staradverti...
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c95c11bf-b46f-4d09-bc4a-c5473e8fb6fe&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=603469&a=307558&domain=staradvertiser.com
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=829538&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
23.227.146.18 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
Server
Adtelligent
Etag
0fa566d64aeda508
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c95c11bf-b46f-4d09-bc4a-c5473e8fb6fe&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=603469&a=307558&domain=staradvertiser.com
date
Fri, 05 Jan 2024 01:28:55 GMT
cache-control
no-store no-transform
server
nginx
content-length
306
content-type
text/html; charset=utf-8
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f281e89c7449-MIA
date
Fri, 05 Jan 2024 01:28:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUi%2BouEcepnflU7Kx3jtZRoe39v7Fn2BXj9bZI58z50VhJZ0YvJ1e%2BK7RD5ed%2BCst8XdA%2BZ08iDMkHtaus9957RvoR7Cpu2896UzyA7dRAz%2FifdTFV5kx0VGGZStjOUfWl60tAbhLwTnZCLGxGw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sync
vid.vidoomy.com/ Frame 3D39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy=1---&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D632122%26a%3D556847%26domain%3Dstaradvertiser.com
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=829538&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 3D39
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26...
  • https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7386633197929965226&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=736651&a=751004&domain=staradvertiser.com
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7386633197929965226&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=736651&a=751004&domain=staradvertiser.com
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=829538&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
23.227.146.18 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
Server
Adtelligent
Etag
0fa566d64aeda508
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
an-x-request-uuid
697dc15d-a0f8-4b70-9788-8b1507b56ca5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7386633197929965226&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=736651&a=751004&domain=staradvertiser.com
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 3D39
Redirect Chain
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26traffic_source%3Dsnippet%26sessio...
  • https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=75d3231a-8b28-476c-856f-1982c6c9795b&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=746141&a=753378&domain=staradverti...
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=75d3231a-8b28-476c-856f-1982c6c9795b&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=746141&a=753378&domain=staradvertiser.com
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=829538&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
23.227.146.18 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
Server
Adtelligent
Etag
0fa566d64aeda508
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:55 GMT
Transfer-Encoding
chunked
Location
https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=75d3231a-8b28-476c-856f-1982c6c9795b&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=746141&a=753378&domain=staradvertiser.com
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
csync
sync.adtelligent.com/ Frame 3D39
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D7467...
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=H8B4hBZHEQ_m7NwFTi24NL7-&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=484067&a=310570&domain=staradvertiser.com
43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=H8B4hBZHEQ_m7NwFTi24NL7-&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=484067&a=310570&domain=staradvertiser.com
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=829538&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
23.227.146.18 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
Server
Adtelligent
Etag
0fa566d64aeda508
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=H8B4hBZHEQ_m7NwFTi24NL7-&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=484067&a=310570&domain=staradvertiser.com
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
psync
sync.lunamedia.live/ Frame FCC6
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
  • https://sync.lunamedia.live/psync?t=s&e=255&cb=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001875%26dspCookie%3D%25USER_ID%25%26gdpr%3D0%26gdpr_consent%3D[GDPR_CONSENT]
552 B
702 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.lunamedia.live/psync?t=s&e=255&cb=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001875%26dspCookie%3D%25USER_ID%25%26gdpr%3D0%26gdpr_consent%3D[GDPR_CONSENT]
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.19.226.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
552
Content-Type
text/html
Date
Fri, 05 Jan 2024 00:56:50 GMT
Server
nginx

Redirect headers

cache-control
max-age=300
content-length
0
date
Fri, 05 Jan 2024 01:28:55 GMT
location
https://sync.lunamedia.live/psync?t=s&e=255&cb=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001875%26dspCookie%3D%25USER_ID%25%26gdpr%3D0%26gdpr_consent%3D[GDPR_CONSENT]
server
CloudFront
via
1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront)
x-amz-cf-id
6HXdtOL3NgkrujUGEnl6ysysZAG-k3qunwrnPKxi68ovftPTpV3R2Q==
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
A0864502-06A0-4ED8-A79E-7CD263E71299
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame E5FB 		0
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8407f2833be67421-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:55 GMT
server
cloudflare
vary
Accept-Encoding
A0864502-06A0-4ED8-A79E-7CD263E71299
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 2747 		0
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8407f283ed707421-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:55 GMT
server
cloudflare
vary
Accept-Encoding
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D44917234a27bfa53
  • https://u-iad04.e-planning.net/um?uid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dc=0abbcb4eba840e59&fi=44917234a27bfa53
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dc=0abbcb4eba840e59&fi=44917234a27bfa53
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:54 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-iad04.e-planning.net/um?uid=d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&dc=0abbcb4eba840e59&fi=44917234a27bfa53
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D44917234a27bfa53
  • https://u-iad04.e-planning.net/um?uid=K5XH98XlPE9c&dc=66b7ef4184d94c10&fi=44917234a27bfa53&ev=1&us_privacy=${us_privacy}&pid=562965
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=K5XH98XlPE9c&dc=66b7ef4184d94c10&fi=44917234a27bfa53&ev=1&us_privacy=${us_privacy}&pid=562965
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://u-iad04.e-planning.net/um?uid=K5XH98XlPE9c&dc=66b7ef4184d94c10&fi=44917234a27bfa53&ev=1&us_privacy=${us_privacy}&pid=562965
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1
pbs.gif
sync.admanmedia.com/ Frame CDCD 		9 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D44917234a27bfa53%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame CDCD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 03 Jan 2029 01:28:55 GMT
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D44917234a27bfa53%26uid%3D%24%7BUID%7D
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=44917234a27bfa53&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=44917234a27bfa53&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=44917234a27bfa53&uid=7fa3f5db-f526-4aad-8584-3bbcac66db73
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame CDCD 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 03 Jan 2029 01:28:55 GMT
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D44917234a27bfa53%26uid%3D
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=44917234a27bfa53&uid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504535
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=44917234a27bfa53&uid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504535
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=44917234a27bfa53&uid=AQEI6LvGuXMt2gIIsuh3AQEBAQE&expiration=1704504535
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D44917234a27bfa53
  • https://u-iad04.e-planning.net/um?uid=48de1664-fb49-47b7-b409-1zz1704418099&dc=fabfd6762b833237&fi=44917234a27bfa53
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=48de1664-fb49-47b7-b409-1zz1704418099&dc=fabfd6762b833237&fi=44917234a27bfa53
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=48de1664-fb49-47b7-b409-1zz1704418099&dc=fabfd6762b833237&fi=44917234a27bfa53
date
Fri, 05 Jan 2024 01:28:40 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D44917234a27bfa53%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=44917234a27bfa53&uid=7386633197929965226
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=44917234a27bfa53&uid=7386633197929965226
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
an-x-request-uuid
0e413123-80b3-45b4-891b-d053f4220cc1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=44917234a27bfa53&uid=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D44917234a27bfa53%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=44917234a27bfa53&uid=770043a8-af77-46db-9a99-c38ce904d888
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=44917234a27bfa53&uid=770043a8-af77-46db-9a99-c38ce904d888
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-180
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=44917234a27bfa53&uid=770043a8-af77-46db-9a99-c38ce904d888
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://rtb.om-meta.com/csync?exchange=41cd7873289762a3cc93a994250371cf1cd20569&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dbe1f3f8d2283c058%26fi%3D44917234a27bfa53%26uid%3D
  • https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=44917234a27bfa53&uid=0b933d13-66e8-4296-b3ac-45af853fa0a0
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=44917234a27bfa53&uid=0b933d13-66e8-4296-b3ac-45af853fa0a0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=be1f3f8d2283c058&fi=44917234a27bfa53&uid=0b933d13-66e8-4296-b3ac-45af853fa0a0
date
Fri, 05 Jan 2024 01:28:55 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D44917234a27bfa53%26uid%3D%24UID&partner=eplanning
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=44917234a27bfa53&uid=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=44917234a27bfa53&uid=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=44917234a27bfa53&uid=ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
cache-control
no-store
content-length
0
expires
0
um
sync.e-planning.net/ Frame CDCD
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=c73598e4-19af-4225-ad41-0db5af961cdf&dc=769fefa8321c94fb&iss=1
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=c73598e4-19af-4225-ad41-0db5af961cdf&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=c73598e4-19af-4225-ad41-0db5af961cdf&dc=769fefa8321c94fb&iss=1
date
Fri, 05 Jan 2024 01:28:55 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-iad04.e-planning.net/um?uid=csuid_26dad347-6267-48c3-bca3-bbebb7a0b2e4&dc=b337141cfdc8cf59&fi=44917234a27bfa53
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=csuid_26dad347-6267-48c3-bca3-bbebb7a0b2e4&dc=b337141cfdc8cf59&fi=44917234a27bfa53
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=csuid_26dad347-6267-48c3-bca3-bbebb7a0b2e4&dc=b337141cfdc8cf59&fi=44917234a27bfa53
date
Fri, 05 Jan 2024 01:28:55 GMT
server
fasthttp
content-length
0
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3D44917234a27bfa53
  • https://u-iad04.e-planning.net/um?uid=1e2c6b9b-b313-4977-8d47-506b6f116205&dc=d015773253e1640b&fi=44917234a27bfa53
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=1e2c6b9b-b313-4977-8d47-506b6f116205&dc=d015773253e1640b&fi=44917234a27bfa53
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:55 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?uid=1e2c6b9b-b313-4977-8d47-506b6f116205&dc=d015773253e1640b&fi=44917234a27bfa53
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync
x.bidswitch.net/ Frame CDCD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=eplanning
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0cab6805-c694-4a0f-a9f1-3fc892c60190&ssp=eplanning
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0cab6805-c694-4a0f-a9f1-3fc892c60190&ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0cab6805-c694-4a0f-a9f1-3fc892c60190&ssp=eplanning
date
Fri, 05 Jan 2024 01:28:55 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://cm-x.mgid.com/7c66bfc34cae8636a9aefaf68cb9041c.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3D98bd04598763300f%26fi%3D44917234a27bfa53
  • https://u-iad04.e-planning.net/um?uid=75d3231a-8b28-476c-856f-1982c6c9795b&dc=98bd04598763300f&fi=44917234a27bfa53
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=75d3231a-8b28-476c-856f-1982c6c9795b&dc=98bd04598763300f&fi=44917234a27bfa53
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:55 GMT
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?uid=75d3231a-8b28-476c-856f-1982c6c9795b&dc=98bd04598763300f&fi=44917234a27bfa53
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
um
u-iad04.e-planning.net/ Frame CDCD
Redirect Chain
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7Bym_us...
  • https://u-iad04.e-planning.net/um?uid=ym_user_f42d1ad0-05e4-4bec-8277-d0223c159ff3&dc=dbfd729d40c9c3fc&fi=44917234a27bfa53
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=ym_user_f42d1ad0-05e4-4bec-8277-d0223c159ff3&dc=dbfd729d40c9c3fc&fi=44917234a27bfa53
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=ym_user_f42d1ad0-05e4-4bec-8277-d0223c159ff3&dc=dbfd729d40c9c3fc&fi=44917234a27bfa53
date
Fri, 05 Jan 2024 01:28:55 GMT
content-length
0
ro
match.prod.bidr.io/cookie-sync/ Frame CDCD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=2635782203
19 B
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ro?rndcb=2635782203
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
HTTP/1.1
Server
54.164.14.168 , United States, ASN (),
Reverse DNS
ec2-54-164-14-168.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
19
content-type
text/plain

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
etag
RX1b1c05a4a7cb4073855993f6a89d18e6005
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.prod.bidr.io/cookie-sync/ro?rndcb=2635782203
cache-control
no-store, no-cache, must-revalidate
expires
0
usync.html
eus.rubiconproject.com/ Frame 4B29
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:55 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:55 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F6B7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D44917234a27bfa53%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.220.247 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71405
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 05 Jan 2024 01:28:55 GMT
expires
Fri, 05 Jan 2024 21:19:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 4956 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44917234a27bfa53%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8407f283ec2c25a3-MIA
content-encoding
br
content-type
text/html
date
Fri, 05 Jan 2024 01:28:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpfE36%2FPc3rUh8TcgqAzZ1ZscevcvQYXzYD21g084O03LGHT7hps%2FfRiyzWHMyDbRd8XDYTXWPenh4enMHXdFkuP6Dq7Tm%2FjJV5G%2BSfJgmpl5fy5v1mZv4GrJTgb2TGJasGlljci"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame 4956
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A0A7D3915CF44960ACE5E888F4B75986
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A0A7D3915CF44960ACE5E888F4B75986
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44917234a27bfa53%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1gjJSubs2qTcmULB%2BS%2FGlky40xX4wSMaAUUXqEfaJauAcCdw2qNvks7cyTZPERiGIOYchC7l%2FSzMkhyS9G8CAe46%2BHGzNfMP0ALHEEuXEHwNbW5rD1KwXqbCaamv3wiX5RfW3eV7JD5nA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2856ea525a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 05 Jan 2024 01:28:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A0A7D3915CF44960ACE5E888F4B75986
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 04 Jan 2024 01:28:55 GMT
crum
dsum-sec.casalemedia.com/ Frame 4956
Redirect Chain
  • https://rtb.adentifi.com/CookieIndex
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44917234a27bfa53%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPDRyjBIbS2OEcqVduKG5SOy6h0AOskSjKHaJmtDVfRqdhz%2BTgIc%2BOTIoB0F7nz740UU6tDnvnPnIcYwfInJq9JV%2BO%2FOca1nw0t5cJGs3cgRWMxDEyR7yEgvBt8KfG4HCWp7QcN7pwMfSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2856ea925a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
text/plain
rum
dsum.casalemedia.com/ Frame 4956
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0cab6805-c694-4a0f-a9f1-3fc892c60190&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44917234a27bfa53%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnLzq3kpIycQWEsF6lqYYfbin5sycbn8AIHeSsWnhIL9PHrJRd6oaHw56jOBIoBjZ0BKuQH0mpJ2Ugqsg50AsZL3mYWaJoFefclMgf6u%2BzwGlBCrkNO7uMzG8h3CUZNI05vM1G%2Fy"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f286d97a25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f23bd312-5bb6-424a-95e9-d15220f0e7dc&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 05 Jan 2024 01:28:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 4956
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f7716597-5b45-4000-9fa2-5f3c3f74983b&gdpr=&gdpr_consent=
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f7716597-5b45-4000-9fa2-5f3c3f74983b&gdpr=&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44917234a27bfa53%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlL4HyaC34C3mSoLNakgsT6xZByZeszR1oeyO0frkXXqwjLcakPyXtD979jrh9mZYAadfGL5LTlMvL0JQGxTgr4ZvelDoUYjCOtomFWS7e4f%2BtqIn7jgesz%2Bgevx9P2jM5KUDTU2PgkcYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2856eab25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
Server
MT3 1237 600843f master ord ord-pixel-x54 config_version:"4066"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f7716597-5b45-4000-9fa2-5f3c3f74983b&gdpr=&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 05 Jan 2024 01:28:54 GMT
dcm
s.amazon-adsystem.com/ Frame 4956 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44917234a27bfa53%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TZJ8NWE7PKY5MV0JP3R4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
35759
i.liadm.com/s/ Frame 4956
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZdbPwCgEoqR40X4NR82pgAA%261641&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=736096f3-a33b-4e74-a900-147a47dba0f3
43 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=736096f3-a33b-4e74-a900-147a47dba0f3
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44917234a27bfa53%26uid%3D
Protocol
HTTP/1.1
Server
52.202.180.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-180-1.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:56 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

location
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=736096f3-a33b-4e74-a900-147a47dba0f3
date
Fri, 05 Jan 2024 01:28:55 GMT
server
Kestrel
content-length
215
crum
dsum-sec.casalemedia.com/ Frame 4956
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=BUe8t8AGKClBFU9g5GxQ
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=BUe8t8AGKClBFU9g5GxQ
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44917234a27bfa53%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKUnBozQ23BMqnoQFh%2BSPRCQWhejrpjwa2VLnsvS%2BsqvFVitdaGonYEJsfcdcdUzAWeP2Jj9%2FTNSUWnJm0UsgO2sWnW9YCc9voFrO%2FfWROK74Hxa2j%2B8GKPOHCwjgqV%2BGbZw1GeJj2A9vw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f28668ba25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:55 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=BUe8t8AGKClBFU9g5GxQ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4956
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087854649738
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087854649738
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44917234a27bfa53%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuNOA%2F8GU4ND7D5KVV0ls60FrYtHKafeLNoYh%2BgPm0nTEq7OX%2BXAnAFVJLzQ240elGds6C046eZSCbiV9RofKVyh%2FsGOzy5WHMO86ynCh%2B38B%2FPdOH5hO1oxC5naD7bl1fdMP4FA1SsCkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8407f2856eac25a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
36
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087854649738
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8407f2847a5b3dd7-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
um
u-iad04.e-planning.net/ Frame 4956 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=44917234a27bfa53&uid=ZZdbPwCgEoqR40X4NR82pgAA%261641
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44917234a27bfa53%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:55 GMT
content-type
image/gif
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
8407f285bdde31ec-MIA
content-length
0
date
Fri, 05 Jan 2024 01:28:55 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
trinity.json
apex.go.sonobi.com/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221062d91215e28a58%22%3A%229b40b2232f71a5893638%7C300x250%7Cgpid%3Dstaradvertiser.com-div-insticator-ad-1%2Cc%3Dd%2C%22%2C%22107a43b80e533223%22%3A%228cec8c874ac937aad2b2%7C300x250%7Cgpid%3Dstaradvertiser.com-div-insticator-ad-2%2Cc%3Dd%2C%22%2C%22108258cc7584c443%22%3A%2230398ad54a9a05f1a915%7C250x250%2C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3Dstaradvertiser.com-div-insticator-ad-3%2Cc%3Dd%2C%22%2C%22109333ab7651b601%22%3A%22bd23ed8a9c4fd706afba%7C728x90%2C468x60%7Cgpid%3Dstaradvertiser.com-div-insticator-ad-4%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&s=b870787b-e728-4ed9-883c-fb9d7eaf8b19&pv=4bc5dd7f-3045-4a52-a504-583763608de9&vp=desktop&lib_name=prebid&lib_v=7.42.0&us=50&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%2C%22keywords%22%3A%22Nationalnews%22%2C%22publisher%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%220eda47e1-3a3f-4444-8ab9-a525f4133e8d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*n2ORn8Ytww4wdROwvzfVtzx9De0pOkCJLnNfLo5bJRF6PrnYZXt6_ekFXQ7K9zJKej_rOLGhYnjArJKqKPGE2A%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2295d1454d-e53e-46b3-b4de-3341491a2a03%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22736096f3-a33b-4e74-a900-147a47dba0f3%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&coppa=0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-180
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
968
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.210.0.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-0-246.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
arj
insticator-d.openx.net/w/1.0/ 		173 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=98fb97a3-25a5-47f0-8399-f03a2b0b5bad%2Cdf9d4a0e-cdba-4bd7-928e-a47942ee08f1%2C6f3f6060-76c3-4e78-b5ae-193d1d6679b4%2Cf49f95c8-a314-4371-babd-246a7b7d7cf9&nocache=1704418135824&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&id5id=ID5*n2ORn8Ytww4wdROwvzfVtzx9De0pOkCJLnNfLo5bJRF6PrnYZXt6_ekFXQ7K9zJKej_rOLGhYnjArJKqKPGE2A&pubcid=95d1454d-e53e-46b3-b4de-3341491a2a03&ttduuid=736096f3-a33b-4e74-a900-147a47dba0f3&schain=1.0%2C1!insticator.com%2C0eda47e1-3a3f-4444-8ab9-a525f4133e8d%2C1%2C%2C%2C&aus=300x250%7C300x250%7C250x250%2C320x50%2C320x100%2C336x280%2C300x250%7C728x90%2C468x60&divids=div-insticator-ad-1%2Cdiv-insticator-ad-2%2Cdiv-insticator-ad-3%2Cdiv-insticator-ad-4&aucs=staradvertiser.com-div-insticator-ad-1%2Cstaradvertiser.com-div-insticator-ad-2%2Cstaradvertiser.com-div-insticator-ad-3%2Cstaradvertiser.com-div-insticator-ad-4&auid=540835883%2C540835883%2C540835883%2C540835884
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		87 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cCEXk2Rtir6jLGaKkv7mNO
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=doHK72Rtir6ikDaKlId8sQ
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dNKo_iRtir6ikDaKlId8sQ
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=ap8uL8Rtmr6jLGaKkv7mNO
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=282913
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dz3qsggsNoy1Qsq8k8JSS9SluphnUr%2FXpatD0emKbbRNJ%2FGeD6IQ7QOiy2ahUnRBQ2QaSZ3jBZwPmR9WkRJx6D1Z2vb5tWVemFqP3A246SXbx7U0lCny%2BZqmyj6mxtb2dq0ScnuI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8407f2851e2825a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		344 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:55 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
105
content-length
311
openrtb
adx2.adform.net/adx/ 		0
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		475 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
an-x-request-uuid
7a9cf35f-746c-4006-ba3c-df327566e6dc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
475
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
s.seedtag.com/c/hb/ 		11 B
31 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:56 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb-multi
hb.yellowblue.io/ 		105 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.20.191.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-191-184.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:56 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		478 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:16::820 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
478
expires
0
prebid
mp.4dex.io/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
via
1.1 google
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: div-insticator-ad-4, Selecting bids. No selected bids
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8407f285ab0d6db5-MIA
expires
0
openrtb
ex.ingage.tech/v1/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
cf-ray
8407f2866cf72583-MIA
fastlane.json
fastlane.rubiconproject.com/a/api/ 		810 B
1023 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=159116&zone_id=762986%3B762988%3B916798%3B762986&size_id=15%3B15%3B15%3B2&alt_size_ids=%3B%3B14%2C16%2C43%2C117%3B1&rp_schain=1.0,1!insticator.com,0eda47e1-3a3f-4444-8ab9-a525f4133e8d,1,165108b7e0baf6e2,,&eid_id5-sync.com=ID5*n2ORn8Ytww4wdROwvzfVtzx9De0pOkCJLnNfLo5bJRF6PrnYZXt6_ekFXQ7K9zJKej_rOLGhYnjArJKqKPGE2A%5E1%5E&eid_pubcid.org=95d1454d-e53e-46b3-b4de-3341491a2a03%5E1&tpid_tdid=736096f3-a33b-4e74-a900-147a47dba0f3&eid_adserver.org=736096f3-a33b-4e74-a900-147a47dba0f3&rf=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&kw=Nationalnews&tg_i.domain=staradvertiser.com&tg_i.page=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&tg_i.pbadslot=staradvertiser.com-div-insticator-ad-1%3Bstaradvertiser.com-div-insticator-ad-2%3Bstaradvertiser.com-div-insticator-ad-3%3Bstaradvertiser.com-div-insticator-ad-4&tk_flint=pbjs_lite_v7.42.0&x_source.tid=98fb97a3-25a5-47f0-8399-f03a2b0b5bad%3Bdf9d4a0e-cdba-4bd7-928e-a47942ee08f1%3B6f3f6060-76c3-4e78-b5ae-193d1d6679b4%3Bf49f95c8-a314-4371-babd-246a7b7d7cf9&l_pb_bid_id=17145cf2323d1886%3B17208d31b9305a78%3B1738f3b65844ef77%3B17411ee892c0d69d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=staradvertiser.com-div-insticator-ad-1%3Bstaradvertiser.com-div-insticator-ad-2%3Bstaradvertiser.com-div-insticator-ad-3%3Bstaradvertiser.com-div-insticator-ad-4&slots=4&rand=0.646363833912244
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
810
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		25 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.42.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
cdb
bidder.criteo.com/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=185&av=35&wv=7.42.0&cb=94745768359
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:55 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
usync.js
eus.rubiconproject.com/ Frame 4B29 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12328
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
sync
eb2.3lift.com/ Frame C625 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsscokmskZZZpMy2IiDHjsit_hqIhY8Y9R3lkVYtN8uJ5XkQDGsCly5xQSog51u5Rrh0z92Z8NkXhwloPaUx6uU5Ur2-NCnBY3qCEI0LSGViC0Zuf2lTSyVNKFH4U0wYHpkBqC31kDeUaVh6bHNCGRYe2sJFeJ44-qDuKj-jrakZHT7sYmFQZoink8JkFEBuQy1alBzgzoBzUehzXjiI1mAmkPcqzwfo5znZcPAS6vYqEahVn48IetHjBzcqGnCRluYGlWp_h489LdAPxGkyH5C_J52CZ5gVcv15CwYuz3F8K5gvCAgGzm8CVwqiiJ9_lCwYnhdMtWP0KwsGS6MHMQQWyvskZso6FvCxv5BTz2soIZnQNi-esT51wsWFbudYwXPDPDVGuA&sai=AMfl-YQfvHkUftdphTqElw1e2Q7TDNcP7QqGJWWAG-MDwICg71zUy7dOuFrpYNDODzBRJjZgRlE-ZoFyicbBeyY9StgQhE_ZYp7xxogxG8btxJ1Fr-zuexTBTWzp9ScoaZTM8mL8DujDYp3M4mrZmvQSRsAR&sig=Cg0ArKJSzCFgQ7Uftj98EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://increaserev.com/ads/ob/tage/aaw.staradvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1361
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:56 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame F9F4 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame CDCD 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-85.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 21:35:33 GMT
content-encoding
gzip
via
1.1 bdf2aab533e801e16a7a135842a2ee18.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
14004
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ezdJeegjeOhB6aqdCA85W_m-N-hm1tnNBck4inv1ieWB5SqwAnpQ7Q==
15581
rtb.gumgum.com/usync/ Frame 02E3 		1 KB
824 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44917234a27bfa53%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.45.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-45-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 05 Jan 2024 01:28:56 GMT
etag
W/"0fd27b598495fd2681f038e95ee4a53e0"
server
nginx
timing-allow-origin
*
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2866ace7449-MIA
date
Fri, 05 Jan 2024 01:28:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ciq6D4yF%2Fji7dGGtEygumwekxfWInwRv%2Fwd6elkKpFvG%2FBvrtRUZxWEQL7mn4vbXaAXMg%2BNbJjKjJeNM8brwteUBAcQSCinkguEOhLpPi0paDTpm4fiL9JJNAn06hzxdPDAymbgT8xmGZgcgMf4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
resources
demand.qortex.ai/api/v1/monetize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f2866ad07449-MIA
date
Fri, 05 Jan 2024 01:28:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kguTsH4nvmiCRYbEveZ6uiWTw6lT%2B40BlTiX2d%2FRsfdEKzEG10e6lNY3Irh69dH%2BsdL0MfJteHXYohiMFbGK6OWxzcRvNWOkam6Ujuc1e%2FWjA%2FQJwPBYps268XZ7zl9N%2B8alExellt%2FdyhcvzOo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwDsLoVEfgR8Q6JsQgEY%2B7inl8Z4PmwelkKcrmJRSa%2B5szQU09hXRCs%2BMxg7jvGlD0APHPqXnotJfVnI1W9hXiSutG2ULqhvdusT%2BXYhmflZzk3AZhYDEGQnZGwyQIP%2FwkahuWpuyYnJDb8KQ%2Fk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f286dbb77449-MIA
content-length
0
resources
demand.qortex.ai/api/v1/monetize/ 		21 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/monetize/resources
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFkSpszypDGGFBSoD%2BiY0yibqI%2FPPhaQkXd0PsWNmMF7WBa5d9v4mopVPaQE1FWoa7UFPWEF%2BpT7RQ8aUK73ZXGWkSHm%2B1Q2Bulm5mLiGbDg%2Fai9rWJ%2FIMC00VyZJ8bLDNsd9HugwbKSgXd5vT4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
8407f286dbb97449-MIA
content-length
21
um
u-iad04.e-planning.net/ Frame 8D2B 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=44917234a27bfa53&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D44917234a27bfa53%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
server
openresty
sync
eb2.3lift.com/ Frame 1B98 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1327
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:56 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user-sync
sync.adkernel.com/ Frame 4A75 		828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D44917234a27bfa53
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
828
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Jan 2024 01:28:56 GMT
Server
nginx
csync
sync.adtelligent.com/ Frame 7E76 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AN1gKFZr0esrL-Et&traffic_source=snippet&session=12A325B29A062051&sp=829538&pb=746787&c=484122&a=307971&domain=staradvertiser.com
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D12A325B29A062051%26sp%3D829538%26pb%3D746787%26c%3D484122%26a%3D307971%26domain%3Dstaradvertiser.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:56 GMT
Etag
0fa566d64aeda508
Server
Adtelligent
um
u-iad04.e-planning.net/ Frame E238 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=44917234a27bfa53&uid=A0864502-06A0-4ED8-A79E-7CD263E71299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D44917234a27bfa53%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
server
openresty
xuid
eb2.3lift.com/ Frame C625
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=A0A7D3915CF44960ACE5E888F4B75986&dongle=yf3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=A0A7D3915CF44960ACE5E888F4B75986&dongle=yf3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 05 Jan 2024 01:28:56 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=A0A7D3915CF44960ACE5E888F4B75986&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 04 Jan 2024 01:28:56 GMT
xuid
eb2.3lift.com/ Frame C625
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame C625
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7898252983751812422&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7898252983751812422&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=7898252983751812422&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame C625
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=3WRHdd4zSnTGZU5722ZTIYk0SyTGYR8hiWAK5ee3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=3WRHdd4zSnTGZU5722ZTIYk0SyTGYR8hiWAK5ee3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=3WRHdd4zSnTGZU5722ZTIYk0SyTGYR8hiWAK5ee3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
xuid
eb2.3lift.com/ Frame C625
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=f7716597-5b45-4000-9fa2-5f3c3f74983b&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=f7716597-5b45-4000-9fa2-5f3c3f74983b&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Fri, 05 Jan 2024 01:28:56 GMT
Server
MT3 1237 600843f master ord ord-pixel-x56 config_version:"4066"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eb2.3lift.com/xuid?mid=3690&xuid=f7716597-5b45-4000-9fa2-5f3c3f74983b&dongle=3995&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 05 Jan 2024 01:28:55 GMT
xuid
eb2.3lift.com/ Frame C625
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZZdbQAAMIjwI5QBH&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=ZZdbQAAMIjwI5QBH&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-mia-kmia1760054-MIA
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704418136.282769,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=ZZdbQAAMIjwI5QBH&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame C625
Redirect Chain
  • https://s.company-target.com/s/tlx?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8804%26xuid%3D%7Bxuid%7D%26dongle%3D6aix
  • https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 05 Jan 2024 01:28:56 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.3lift.com
location
https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
xuid
eb2.3lift.com/ Frame C625
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=wEAGKYle1Rlz0J5&dongle=465e&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=wEAGKYle1Rlz0J5&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:55 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0cba865c3a7663bd2@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=wEAGKYle1Rlz0J5&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame C625
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6547&xuid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6547&xuid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6547&xuid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT, Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame C625
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
date
Fri, 05 Jan 2024 01:28:56 GMT
content-type
text/plain
setuid
ib.adnxs.com/prebid/ Frame C625 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2687056411155449827788
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
an-x-request-uuid
182a28f3-0976-403a-8612-8fc5afcb4c93
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 02E3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=6adc7340-ca96-462d-b37b-baa1d1730357
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=6adc7340-ca96-462d-b37b-baa1d1730357
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44917234a27bfa53%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=6adc7340-ca96-462d-b37b-baa1d1730357
Date
Fri, 05 Jan 2024 01:28:56 GMT
Connection
keep-alive
X-CI-RTID
c9e4e3af-76ae-4800-b5c6-2cd579c0ccdb
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 02E3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=b140de64-64ac-4112-8973-eb44e56d18b8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=b140de64-64ac-4112-8973-eb44e56d18b8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44917234a27bfa53%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 05 Jan 2024 01:28:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=b140de64-64ac-4112-8973-eb44e56d18b8
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 02E3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44917234a27bfa53%26uid%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Date
Fri, 05 Jan 2024 01:28:56 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
um
sync.e-planning.net/ Frame 02E3 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=44917234a27bfa53&uid=u_8a0f8237-cd03-48f2-b488-4ca53ffb58fd
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44917234a27bfa53%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:56 GMT
content-type
image/gif
khaos.json
token.rubiconproject.com/ Frame 4B29 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
xuid
eb2.3lift.com/ Frame 1B98
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=A0A7D3915CF44960ACE5E888F4B75986&dongle=yf3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=A0A7D3915CF44960ACE5E888F4B75986&dongle=yf3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 05 Jan 2024 01:28:56 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=A0A7D3915CF44960ACE5E888F4B75986&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 04 Jan 2024 01:28:56 GMT
xuid
eb2.3lift.com/ Frame 1B98
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=BUe8t8AGKClBFU9g5GxQ&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 1B98
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7898252983751812422&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7898252983751812422&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=7898252983751812422&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame 1B98
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=3WRHdd4zSnTGZU5722ZTIYk0SyTGYR8hiWAK5ee3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=3WRHdd4zSnTGZU5722ZTIYk0SyTGYR8hiWAK5ee3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=3WRHdd4zSnTGZU5722ZTIYk0SyTGYR8hiWAK5ee3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
xuid
eb2.3lift.com/ Frame 1B98
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=f7716597-5b45-4000-9fa2-5f3c3f74983b&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=f7716597-5b45-4000-9fa2-5f3c3f74983b&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Fri, 05 Jan 2024 01:28:56 GMT
Server
MT3 1237 600843f master ord ord-pixel-x30 config_version:"4066"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eb2.3lift.com/xuid?mid=3690&xuid=f7716597-5b45-4000-9fa2-5f3c3f74983b&dongle=3995&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 05 Jan 2024 01:28:55 GMT
xuid
eb2.3lift.com/ Frame 1B98
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZZdbQAAMIjwI5QBH&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=ZZdbQAAMIjwI5QBH&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-mia-kmia1760054-MIA
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704418136.301369,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=ZZdbQAAMIjwI5QBH&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 1B98
Redirect Chain
  • https://s.company-target.com/s/tlx?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8804%26xuid%3D%7Bxuid%7D%26dongle%3D6aix
  • https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 05 Jan 2024 01:28:56 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.3lift.com
location
https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=1fd04be1-3440-42f9-b2aa-4a09ecf87f03
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
xuid
eb2.3lift.com/ Frame 1B98
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=wEAGKYle1Rlz0J5&dongle=465e&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=wEAGKYle1Rlz0J5&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:55 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0b157bb661d2ee46f@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=wEAGKYle1Rlz0J5&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1B98
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6547&xuid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6547&xuid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6547&xuid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT, Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1B98
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
date
Fri, 05 Jan 2024 01:28:56 GMT
content-type
text/plain
um
sync.e-planning.net/ Frame 1B98 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=2687056411155449827788&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

server
openresty
date
Fri, 05 Jan 2024 01:28:56 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 4CFC
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZdbScCo8YIAALvpxfgAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZdbScCo8YIAALvpxfgAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44917234a27bfa53%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 05 Jan 2024 01:28:56 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZdbScCo8YIAALvpxfgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad1023.dc4p.scaleout.jp
X-SO-IP
38.132.118.70
X-SO-Key
ZZdbScCo8YIAALvpxfgAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.70","key":"ZZdbScCo8YIAALvpxfgAAAAA","privacy_sensitive":false,"uid":"ZZdbScCo8YIAALvpxfgAAAAA","upstream_id":"m-ad1023"}
X-SO-LB-Hostname
m-tgng30.dc4p.scaleout.jp
X-SO-UID
ZZdbScCo8YIAALvpxfgAAAAA
X-SO-Upstream-ID
m-ad1023
usersync
usersync.gumgum.com/ Frame 51B1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44917234a27bfa53%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 05 Jan 2024 01:28:56 GMT Fri, 05 Jan 2024 01:28:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=gumgum
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
user-sync
sync.adkernel.com/ Frame 4A75
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D629501%26t%3Dimage%26uid%3D
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=629501&t=image&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=202990&dsp=629501&t=image&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D44917234a27bfa53
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:56 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

location
//sync.adkernel.com/user-sync?zone=202990&dsp=629501&t=image&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953
date
Fri, 05 Jan 2024 01:28:55 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
user-sync
sync.adkernel.com/ Frame 4A75
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202990%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=7386633197929965226
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=7386633197929965226
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D44917234a27bfa53
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:56 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
an-x-request-uuid
6f6af1a5-3fe4-4850-a3dc-b75da502f857
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=202990&dsp=649145&t=image&uid=7386633197929965226
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 2E26
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44917234a27bfa53%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:56 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
cm.g.doubleclick.net/ Frame 6605 		170 B
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84YTBmODIzNy1jZDAzLTQ4ZjItYjQ4OC00Y2E1M2ZmYjU4ZmQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44917234a27bfa53%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 6AE8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=736096f3-a33b-4e74-a900-147a47dba0f3
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=736096f3-a33b-4e74-a900-147a47dba0f3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44917234a27bfa53%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 05 Jan 2024 01:28:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Fri, 05 Jan 2024 01:28:56 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=736096f3-a33b-4e74-a900-147a47dba0f3
server
Kestrel
usync.html
eus.rubiconproject.com/ Frame 8D73
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adkernel
  • https://eus.rubiconproject.com/usync.html?p=adkernel
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adkernel
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D44917234a27bfa53
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 01:28:56 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 05 Jan 2024 01:28:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=adkernel
server
AkamaiGHost
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=YAMFxqR3qCYbUd0e&instance=214055123&version=7.29.3-U&age=240105&ldt=QUARTILE&key=y3roexcY&seq=1&order=12&vIndex=0&absoluteTime=32754&relativeTime=28396.9&sm_id=3287948&visiblestatecd=I&soundcd=OFF&quartile=2&pposition=home
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.145.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-145-94.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:56 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
/
onetag-sys.com/usync/ Frame 58BD 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
events
bidder.criteo.com/csm/ 		0
200 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:55 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
player-event
events.qortex.ai/api/v1/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrtMpBRuyIV2dMKlG9y6pv2SfW6RKFgNxqcp2tjzQytoRF5C68tpA4APGF0KWVONdyFiF80%2Ble2s8WwJfc2lD1u1aHxMllDObAMzf8TXqQWW9PEjcfP0H%2FB5PCblIC%2F80HK7QJRJNdbxqvFtlKM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f28948717449-MIA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f288cf787449-MIA
date
Fri, 05 Jan 2024 01:28:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=006RjWtyUzsoeAWuMrgU6hDemk8sx6aUSxifG3lbs%2BpP2ed0RzEDcIQeZAVOXYJYHKXiDl7Zl6qwiW366c2BC9%2B%2BHBz6Wv2v3%2B%2BO1BW%2BAkV%2BqeKVP2BrdzPnjRgre0vnmpNuDmKt7N%2FUfdIaVCE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ads
securepubads.g.doubleclick.net/gampad/ 		92 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2454078064861757&correlator=2088845756785250&eid=31077976%2C31080198%2C31079723&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=13&didk=570410235&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dd5d9bc13cd177aaf%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_MZ4BZolVYIVHU4en5ncGzXTq6T5rg&gpic=UID%3D00000db0f4ed2e2f%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_Masyh_oFPy02WMRXLg2ivGrwvOkVA&abxe=1&dt=1704418136535&lmt=1704418136&adxs=1024&adys=3661&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=8&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=495654607.1704418108&ga_sid=1704418108&ga_hid=66608816&ga_fc=true&dlt=1704418103961&idt=3595&prev_scp=aid%3D1ea63748-0f17-416e-bd06-e6a2ad7b1a3b%26ib%3Dnofill%26iaid%3Dnofill%26iba%3D0%26at%3D1%26h%3D1%26tg%3D2%26shb%3D0%26it%3Dtbr%26auto_refresh_counter%3D1&cust_params=pagetype%3Dnational-news%252Ctop-news%252Cros%26hi_site%3DHSA%26site%3Dstaradvertiser.com&adks=2376897148&frm=20
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29721
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		400 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2454078064861757&correlator=3861936545914443&eid=31077976%2C31080198%2C31079723&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=14&didk=570410234&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dd5d9bc13cd177aaf%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_MZ4BZolVYIVHU4en5ncGzXTq6T5rg&gpic=UID%3D00000db0f4ed2e2f%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_Masyh_oFPy02WMRXLg2ivGrwvOkVA&abxe=1&dt=1704418136541&lmt=1704418136&adxs=1024&adys=4321&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=9&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=495654607.1704418108&ga_sid=1704418108&ga_hid=66608816&ga_fc=true&dlt=1704418103961&idt=3595&prev_scp=aid%3D1ea63748-0f17-416e-bd06-e6a2ad7b1a3b%26ib%3Dnofill%26iaid%3Dnofill%26iba%3D0%26at%3D1%26h%3D1%26tg%3D2%26shb%3D0%26it%3Dtbr%26auto_refresh_counter%3D1&cust_params=pagetype%3Dnational-news%252Ctop-news%252Cros%26hi_site%3DHSA%26site%3Dstaradvertiser.com&adks=660054608&frm=20
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		400 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2454078064861757&correlator=1991126362003567&eid=31077976%2C31080198%2C31079723&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250&fluid=height&ifi=15&didk=570410213&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dd5d9bc13cd177aaf%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_MZ4BZolVYIVHU4en5ncGzXTq6T5rg&gpic=UID%3D00000db0f4ed2e2f%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_Masyh_oFPy02WMRXLg2ivGrwvOkVA&abxe=1&dt=1704418136548&lmt=1704418136&adxs=1062&adys=5659&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=a&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=495654607.1704418108&ga_sid=1704418108&ga_hid=66608816&ga_fc=true&dlt=1704418103961&idt=3595&prev_scp=aid%3D1ea63748-0f17-416e-bd06-e6a2ad7b1a3b%26ib%3Dnofill%26iaid%3Dnofill%26iba%3D0%26at%3D1%26h%3D1%26tg%3D2%26shb%3D0%26it%3Dtbr%26auto_refresh_counter%3D1&cust_params=pagetype%3Dnational-news%252Ctop-news%252Cros%26hi_site%3DHSA%26site%3Dstaradvertiser.com&adks=2943078178&frm=20
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		398 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2454078064861757&correlator=3405015937236627&eid=31077976%2C31080198%2C31079723&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60%7C320x50&fluid=height&ifi=16&didk=570410212&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dd5d9bc13cd177aaf%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_MZ4BZolVYIVHU4en5ncGzXTq6T5rg&gpic=UID%3D00000db0f4ed2e2f%3AT%3D1704418107%3ART%3D1704418107%3AS%3DALNI_Masyh_oFPy02WMRXLg2ivGrwvOkVA&abxe=1&dt=1704418136561&lmt=1704418136&adxs=436&adys=6410&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=b&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&vis=1&psz=728x-1&msz=728x-1&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=495654607.1704418108&ga_sid=1704418108&ga_hid=66608816&ga_fc=true&dlt=1704418103961&idt=3595&prev_scp=aid%3D1ea63748-0f17-416e-bd06-e6a2ad7b1a3b%26ib%3Dnofill%26iaid%3Dnofill%26iba%3D0%26at%3D1%26h%3D1%26tg%3D2%26shb%3D0%26it%3Dtbr%26auto_refresh_counter%3D1&cust_params=pagetype%3Dnational-news%252Ctop-news%252Cros%26hi_site%3DHSA%26site%3Dstaradvertiser.com&adks=2259248053&frm=20
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 8D73 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adkernel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adkernel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12327
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
usync.js
eus.rubiconproject.com/ Frame 2E26 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12327
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:54:23 GMT
setuid
ib.adnxs.com/prebid/ Frame F936
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consen...
  • https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:56 GMT
an-x-request-uuid
9e5dc2c1-fdcd-45c6-929c-01faea039f5d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Location
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
khaos.json
token.rubiconproject.com/ Frame 2E26 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
khaos.json
token.rubiconproject.com/ Frame 8D73 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LQZYJ7Y5-28-J2H9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
um
u-iad04.e-planning.net/ Frame 4A75 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?uid=A2580877537250048855&dc=eba3ecb667ab30ab&fi=44917234a27bfa53
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3D44917234a27bfa53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:56 GMT
server
openresty
container.html
046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F3D6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 01:28:27 GMT
expires
Sat, 04 Jan 2025 01:28:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
api.assertcom.de/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 05 Jan 2024 01:28:57 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
server_match
ice.360yield.com/ 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.218.249 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 05 Jan 2024 01:28:57 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame F3D6 		84 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:5800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
vDZ03Nh4PHNVrs8HyofZavC0FIVLpp1Y
content-encoding
br
via
1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 00:03:13 GMT
last-modified
Thu, 30 Nov 2023 21:16:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
age
5157
x-amz-server-side-encryption
AES256
etag
W/"ed389335ec0a417a07e8124e53be2300"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
PWPDMZWfEYzFVKsF12vfticeMr9OOinazpuySSog0oStwqiFqxwycw==
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame F3D6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
39159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:36:18 GMT
css
fonts.googleapis.com/ Frame F3D6 		8 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 01:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:38:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 01:28:57 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame F3D6 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.css
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 22:13:16 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame F3D6 		378 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134337
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 22:13:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame F3D6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
39160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:36:17 GMT
pixel
protected-by.clarium.io/ Frame F3D6 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31hjbjpldn&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzMwMHgyNTBfMSIsInkiOjQ2OTg5MCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC0xIn19&cb=4608492&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.123.236 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:57 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame CDCD 		155 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-85.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 04 Jan 2024 09:12:50 GMT
via
1.1 d835a04e842d9117fd810e7c8479dad4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P2
age
58568
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
gsqPaRC-jQmOPcTxBrloz02m7Qp3Y2bjrCkJnIb2kswoZAo6dbYGzw==
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame F3D6 		0
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=780299
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQnxBAoOz%2FzM9oorxH0f9Jcj5de7%2F2DzrX3KTQP3Ud4ulAx%2B2AXLpn3uCZBOgCvIm%2Fr8XtArLKnk2kTqNdYdz1%2F8Dwh5f%2BEaG%2Fd5EVVHabXC5v%2FiuxdCeqElKrM4lljvAy0TMDNp8WBJf1O0uw9Rn4%2B%2BZA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
8407f2908c9325b8-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
F6dPRA90tSZCQlaHLk1i
data
bcp.crwdcntrl.net/6/ Frame CDCD 		263 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:57 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.40.10.197
access-control-allow-credentials
true
content-length
263
expires
0
ef3a69a7-1486-44ea-a318-aa6bea26f44c
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/ Frame F3D6 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/ef3a69a7-1486-44ea-a318-aa6bea26f44c
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 7657 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-85.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
80525
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 04 Jan 2024 03:06:53 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 bdf2aab533e801e16a7a135842a2ee18.cloudfront.net (CloudFront)
x-amz-cf-id
G06BSUImEYZmjrbHKJHjvguIRf8lq8xl2x7mhNcWhLv1FWkTM40FTg==
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
error
api.assertcom.de/ 		0
314 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/error
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
csi
csi.gstatic.com/ Frame F3D6 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lqzyjw36&c=2583389780372&slotId=1291694890186&qqid=CKCf1ayMxYMDFZi70QQdE0EHfg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1004::5e Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F3D6 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:18:29 GMT
x-content-type-options
nosniff
age
490229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 09:18:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F3D6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:35:26 GMT
x-content-type-options
nosniff
age
248012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 04:35:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F3D6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ct2RzWFuXZaCTJ5j3xtYPk4Kd8AfG7ozbc4r43begEvAuEAEgsMjAIWDJhoCA3KPEEMgBBagDAcgDmwSqBL0CT9AGFxr4Zs8ah3ywod7z31QcacvshVEHLCYaRk_Enzj3ibWPVRl4jrVipRlFYMNr4t6MZX-_MRpASgteSg1Uuto13AfqDCGb5hMLzi-NxYZRGgyB6radoNU-hoFddG4iKwhJa1y4ppZbjcIO1we6Iarmcv39WUNKgK1Nqk4k50G34TLsZ5YTlCnWJnkt8wMDpU23x-PubogC8dFCgyXabN9cqqS0xmpQ7LDIladRCZDmr9tXcQ2Mfjw4sRinYXNZIfEsn69GVFv4BJ3yYikzboiFmpMlZ-p2lYc879ygSpzpbt0prw9QfSNG7Bn67sDPsLKiaA55Nc0IaIW8vWj3C4I-uxOKbaWFAy8WCBQ9frQZcLEq11Qrrs9qkDCMgaEqWxQhN1zTno0IWCDd-xYrjaHFyYLKs6sS8augSPDABLLg2LClBOAEA4gFhIyMkUyQBgGgBk6AB76--DeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOli57tOsjMWDA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJVU-INEwinldSsjMWDAxWYu9EEHRNBB36wE9mJxxTIE5KGsuMD2BMKiBQG2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1704418137960&ai=Ct2RzWFuXZaCTJ5j3xtYPk4Kd8AfG7ozbc4r43begEvAuEAEgsMjAIWDJhoCA3KPEEMgBBagDAcgDmwSqBL0CT9AGFxr4Zs8ah3ywod7z31QcacvshVEHLCYaRk_Enzj3ibWPVRl4jrVipRlFYMNr4t6MZX-_MRpASgteSg1Uuto13AfqDCGb5hMLzi-NxYZRGgyB6radoNU-hoFddG4iKwhJa1y4ppZbjcIO1we6Iarmcv39WUNKgK1Nqk4k50G34TLsZ5YTlCnWJnkt8wMDpU23x-PubogC8dFCgyXabN9cqqS0xmpQ7LDIladRCZDmr9tXcQ2Mfjw4sRinYXNZIfEsn69GVFv4BJ3yYikzboiFmpMlZ-p2lYc879ygSpzpbt0prw9QfSNG7Bn67sDPsLKiaA55Nc0IaIW8vWj3C4I-uxOKbaWFAy8WCBQ9frQZcLEq11Qrrs9qkDCMgaEqWxQhN1zTno0IWCDd-xYrjaHFyYLKs6sS8augSPDABLLg2LClBOAEA4gFhIyMkUyQBgGgBk6AB76--DeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOli57tOsjMWDA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJVU-INEwinldSsjMWDAxWYu9EEHRNBB36wE9mJxxTIE5KGsuMD2BMKiBQG2BQB0BUB-BYBgBcB6BcF
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F3D6 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lqzyjw4v&c=2583389780372&slotId=1291694890186&qqid=CKCf1ayMxYMDFZi70QQdE0EHfg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.148&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1004::5e Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame F3D6 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DE8EmY6ANuy0tl5iRcWsHqzlb9jbTWq0MRd7SXUheVDOLBj21awLQOlBO4TxIkyAWqi6i5_hZ5jSwno6qMJWACsj33Sg&cry=1&dbm_d=AKAmf-BQrSFveFz2U6F_Vb9eaYSiIm8Py9piCk3MG0gsWwpHKggxX71kpHJfXd90_bgGacgJ54MwH8dZj408RyvirJ8kl8sVMJfpmKzVzVqFQhuBJSMSn9BJTzBLNLeErORgUM50BQHhm_6tpwByusJHZifvxamEJSnudFRQTSX0RRsXhGF5syrbYmlMCDAYKMUpucU4CrsVK0M6KnshxUA-9aWrhtx8KSd1dVwsMA929wWEuyOM0nAo0hv662Qz23cADO4ZrKRWe78841xmPJPDEUlbRBw8SUjdLlK29N7r0YD2Y5YBWx11rv96bQBs3xKFVrobEwe-pBdEFWWtAhFAkUY7V4X8NHKvDfCqHGp1kuhshjPq_sW_Jt4fPixw-GycfbC62HQ2wpsDaSq-ZfGtnZP6IhKEW-6EUUnJt4EsDfRSJd3AHkyJ-uRU73LKBdU3Cbr_w7moSb6qXY5EUy8991FSu2ethIZ3-6PhhgM05L6ekXVbFxCigEx-ji-4X5w_zSfdDCi5smsX3fRZVHFZ6VBHv7Ef7crZC1vrfiBcJfD2-YYdaKENozAFa7_MVN2Xpufow0KKekzXYow8lhkxz34DEqBP0BbTCWehDmSW4QgPVlEqP2GYM4fe9qQf_1iSOJUGLnWU7FBBr3g9LTvG2ru4uDENlIsQhzK1uU-aJdFFM3u711itosD1gYgwmQP-vFyEWSZMCz7K9Nxkq6ZGZfIJ1K2wf5dcri3-p3Cu14WQbcUKB-oL1T0EMc234YEf10VuqiQVMQYHuj41Aj1_fJVLixlzzk6ACa15PSRJq7zgVbI9gMcbJVpLpQzOjvjTjrKSpJ62aSQwgCOov4nOfWToZ_afYI5gPmWtnuJehMTQWCnc7bsctuNzxe7HRP4Tgmb_BdFZsX99y32Wl81gG_yIlbtUZp2r_uEEEbgygDbMEdrj_DA_9XR_VGCKRYV-IfAo_FFLV7VlrgDEjkmHf0V1lwlLyqsDWfvtszFd2Z9G1YuYuKeOB_TJulFN-rN29iz7CbM9amWYSkrjoszEMVEZocPGO_HLiHuwOhCTRTnJTi5noZ1ZHRMOpLXoAh0aO1BJTmMOBr3aeg61yj1YLILUDlpcVDoXyjVA3xTkVUx90CfEgImTlJviCuQYpF__IheJ63XFdHzYuvCANxh2RObT0ea7b7kS8zUpZLMVnE0hILwkCxMNb1ktbtBqQxYFrZG5AusoX1hAhMD-TDj8SyFLf3kUIGmCW07pY2Rd9a5LP69iNrqH2onmC9xsdDiRvVqUIeE8p2TL0o-g-BscJDqs1ArZlLS-oyMKEgitTTQxGL2uO2EMPSQua91m7Qm5-a5RQM47st2Aa7X87gZ9to9-NQ17uUTbMxut7yDBjwGi8wnv3SHr5AkWBV4youTSCYDTftufOAC4puRwoYk49SG-QBbWb5qkMsVK-nvFAFA_ULlR54zXUCJqDZAI89a9fUOZnBNAAO4xiVS-xY9_Q4shctGE8Nbr5Qe8YnZIwYeVJ3iHzXTXGSVpYLrffEbEOsVY9Nm0T7lh1q_0JgwL_ZPjCuHXnBYz9IesOaTfZXtfZs9U_VBLiYUZuq_Aw2e1QREgwVKuYKTmAJJ-bJ-Ubwc2Fopvy-kSpYd_e2WPUspH2oZhyHlzszVkMifyqqvY4Kb3dfDl7xupsO9Rf_s3i-KgMmsovVuvEAKvEb4A3lAufHA8-Kn0EDkMJl20by47nEci1jBJkhdBtITGZgn50rqchsTQ7c2tsTNKPLYERaxnt6Z73wVJbFX6yGBSABceRjSjtqeM_6BmkQNidfzAEHqPirjL_3SF-EBlgYkK4Mfn3JFmkVYAwP0cPwqI4ZUsQBJVPuU_MJ8nZt86-t2hisEOhV-WW6JxoSQkADPkzhoWiKkiJVAjinEdXaSBu_BvIqZo4pDgm1u-c757MbfQpPFnpbxfUa5kywDEQ7a0KEfE31y8qcGUUcXIFyBoQKHSYUYhA8HPDROCzdfikolmIcLmGcWSVP9eP7K2gIdtaT7PybZQyVfcZwgfNjkJHwDraWJ3V5IbBIglgD8Bs4Q67yehlq1mzvI2SaoocB0_5ardUhx7GDO6nGnehN95zstwFTU_Bd5_usqbBZwLvbNrNNSEzVIdGt5srIR3V4kCCwPxSDRK_DrQ58Qj_lMBHBHkLmwo5ejzfUwV8w4neJJFJ4QtL0KT1fk1glQkdwpiq1AUOupoUaB5wuMPkOXPgvyNv9M2BDVIXzaFQcFhOkxElBiMx8upvMWhlIXCgexB8eQaml9I87MzAIvXrv_FGH_N3Z-4dYSVu-AFZ4Oa3TjExCT932_QS06yvKvDsDexSPUwzqUmpV9Da4P2kMz4ax74zdlxZV5zIyTDQgJmQlqPj815NxSWOuY5xEQozMV6tC0m9GK-HoFs9kVvlp1-Zl-G3tmTjjWKaSjYc4Sd4cYAIDrLPuIh3EnlBsYkQ-NV4O9oAM8QGV6kGJSFp4wHPDs8rM4Lki0c8olLLBXht1Nz42s7ck9mzcnU1B7nL9Bf4Npba75qgDUGl8nslG_OwPuhHjhh3A16yRAr0Y3u0gyjpJ5881J0pEUF9NmrBOR1DoDQTWCtds6jVgd3H4GCi0MUqqC-h4FJ2FDCNnAFwP9pg6CgyncauBhjTSbBUi9ncTzgpgWYahM0ZDueW-s-ERZpp1QGRQ8YE2mGtv-nw8F1gVuIRyFYoOlAI8xSbBjnApIrrhYe_M4D8rHOpuB-qsQQDWpEceS8Yj_qqt47TcyuOLmZjSFs_DdvaxzoX2llP_9EcYAqqF0234p6ZUuyxIwYvQosDI9vynd67DY672ZNuz45qCzYSWvW0a2JQ-jbf5yDTjg7P3hjOOeBzvVjUiKJvzV3wlAOokQJr9bpSgg0DTXsQ9XP8GJjIBkCw7tHUcIHGmDN1LIeou4wLzc_kZ5Sfq2FpEmJuSOiTUFy07V-XzSOGmrE32APftPgxCGKmrpYQkwGxld43pB29Ib4mg-5T5ckpazFZCBA_9APjMQUVOIgJmcoZKqy3Qprgzd5_X6KPuuML1fE4n9PAcwO7Br2AcXJ0tNf7M12u6EvI7MgCAgwZ9rJBsDXTyy54d7zS3WVr76oABBTGVMXjLWICGXO5GFqJMfGomoX83MgC8ZKTvWoO-sSExgIuxYAbZSuAVKh8h8Qi477_0jMnsLOm5j6TDJa4ILHl4Op1BO_TQcrVgb0y75myneiohiFLJp4Xfwm0cE7NLX5G333oA_32icdWretTNwsSs1sg9p31oKJl-73k3_Txwfy17DMj79s8lPSmT_m7xEQXjqi-oFVrBduRyWz7_paOot1itv9n1EXMPsn5Lm9Ie3l5AHd9czNW_GGtYvZLpQ-wcePMWsb9HB31ReedTlXnaaYJJE3VNGiLz-d4HANk2hMp-P2utzmyxzUUeFG1rL6zBVlXwO8JujXZMJQzGeWX3esAvQCXlzQMWd-Rq3HqHr459xNuW5NKU5Z3Ys2TO0zNceKKdg6GL_Kyu5_tcBZvQn_e6tAhcsoKHAl7h1RjjMWgT1NKF5hDphCHfL-_kWaCDWn3t2AgKjmDZ-36t4BWXkX7FwbnL8uyqls_8crdSc7JkWeXNqbyxgIUfsw-x3YciZ50lbdX-N6rF4VpfPwsklIQqD6tDFXxr6komQPbi9gix5_yARklIXHUh2nz0IeRX4VtRhACclz1A9jzJ83MmqhT1fQ03tMX-a9UGF0X5PXg_n2HZk1YdHLl457g_O9o0Isr4LnZkBeXXRY0bcjs9f3zQLgXhfRWNrUW18DKhYKcacv2WijVtTwdXbBXjxHe-2zxDJKqXrQrfb_u_JUN7a0pSSwDazQEaWaazioYmCmtsejyOQhAzicODZffJ_AYNU_YCqheieUPVhOsfkUXH_1c8srDRhXgiUv7xUh6jVcJ_ro3bJ2BN4QhNWaJjn8nJ_nY9k3RPf2cmKrv2DtufWFFXojJbcS41nrlQ3EvqlK_FHy_P9cqnEaz-sV24qs7ZuTd5y6cLXBf6iPxNoQ&cid=CAQSPAAvHhf_selY_aDOvVHEXDBBcuaYaqBpPCII7-PGqmCnSyF_L8w1EJgqsmyQ-Dn-y83BDFNgBVFW-NpKuRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN (),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17800
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D04E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
36118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 15:27:00 GMT
etag
48472445140208031
expires
Fri, 05 Jan 2024 15:27:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F3D6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
i.match
a.tribalfusion.com/ Frame D04E 		43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESELzPb_22HChqPwUM2Y7KJ-s&google_cver=1&google_push=AXcoOmSFwPFq7lEbW0I5Cef4QOrHeVs0Hbu-kEOxnwQ0YGsIrpJxwNCPoUMbVOZZn9dXIF8p0Ds7u8bWxCKoa3z4DJG3ojL0cH7SfQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSFwPFq7lEbW0I5Cef4QOrHeVs0Hbu-kEOxnwQ0YGsIrpJxwNCPoUMbVOZZn9dXIF8p0Ds7u8bWxCKoa3z4DJG3ojL0cH7SfQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8407f293bffa3dd7-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D04E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpkYlFBQU1JandJNVFCSA==&google_gid=CAESEOABAetaFdJfY7IFGo4nLdY&google_cver=1&google_push=AXcoOmTck6SzbOtBq7cgzlm08ZvgvRJLc9...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpkYlFBQU1JandJNVFCSA==&google_gid=CAESEOABAetaFdJfY7IFGo4nLdY&google_cver=1&google_push=AXcoOmTck6SzbOtBq7cgzlm08ZvgvRJLc9uaSs_F7EZcKXD5TdwTI_QrA_WLQj_qDdFFGj2LtkrKLouID8yWkJwSkY9ovODU5UHchQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760054-MIA
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704418138.198025,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpkYlFBQU1JandJNVFCSA==&google_gid=CAESEOABAetaFdJfY7IFGo4nLdY&google_cver=1&google_push=AXcoOmTck6SzbOtBq7cgzlm08ZvgvRJLc9uaSs_F7EZcKXD5TdwTI_QrA_WLQj_qDdFFGj2LtkrKLouID8yWkJwSkY9ovODU5UHchQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame D04E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECC_wCIIn-_-3YZLeMqTGF4&google_cver=1&google_push=AXcoOmReALEMZ_yy1rco9ecs-22K_P25gi6bYjNPPKD1UyJimLUT8jXTqsfaj2uinAIqi002aGOS1U8oyTWVYRP4E_0CL1b...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmReALEMZ_yy1rco9ecs-22K_P25gi6bYjNPPKD1UyJimLUT8jXTqsfaj2uinAIqi002aGOS1U8oyTWVYRP4E_0CL1bUjpA9PA&google_hm=eS1BN1FRNVk1RTJwRVBP...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmReALEMZ_yy1rco9ecs-22K_P25gi6bYjNPPKD1UyJimLUT8jXTqsfaj2uinAIqi002aGOS1U8oyTWVYRP4E_0CL1bUjpA9PA&google_hm=eS1BN1FRNVk1RTJwRVBPYWIuUE12aVZSemVXZWZVVFRkM35B
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmReALEMZ_yy1rco9ecs-22K_P25gi6bYjNPPKD1UyJimLUT8jXTqsfaj2uinAIqi002aGOS1U8oyTWVYRP4E_0CL1bUjpA9PA&google_hm=eS1BN1FRNVk1RTJwRVBPYWIuUE12aVZSemVXZWZVVFRkM35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame D04E
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMqghldNzNQFuu6-coOlr5s&google_cver=1&google_push=AXcoOmQYLMWZVqyMV_vpAGf7q30o_FSGCPwXEGkvU6XEgeSCyhClT0wIZQg8DmhMUuaKkfREDgTrJ2K0VKf-ZNx2HYabyCRRh7LsOQ
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQYLMWZVqyMV_vpAGf7q30o_FSGCPwXEGkvU6XEgeSCyhClT0wIZQg8DmhMUuaKkfREDgTrJ2K0VKf-ZNx2HYabyCRRh7LsOQ&google_hm=mSvwKOU_wGoIfLce_iQjRA==
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQYLMWZVqyMV_vpAGf7q30o_FSGCPwXEGkvU6XEgeSCyhClT0wIZQg8DmhMUuaKkfREDgTrJ2K0VKf-ZNx2HYabyCRRh7LsOQ&google_hm=mSvwKOU_wGoIfLce_iQjRA==
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQYLMWZVqyMV_vpAGf7q30o_FSGCPwXEGkvU6XEgeSCyhClT0wIZQg8DmhMUuaKkfREDgTrJ2K0VKf-ZNx2HYabyCRRh7LsOQ&google_hm=mSvwKOU_wGoIfLce_iQjRA==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
pixel
cm.g.doubleclick.net/ Frame D04E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGFDxITmVHlA3mpFcPEJl8o&google_cver=1&google_push=AXcoOmSsmGgrfbDJoJ_F_G3eSunfshhLo_xYvRFaOQsnOv0F4EhTxwWTomBzfPGx5bHXaCr5xOHpHOxFGMSFs...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSsmGgrfbDJoJ_F_G3eSunfshhLo_xYvRFaOQsnOv0F4EhTxwWTomBzfPGx5bHXaCr5xOHpHOxFGMSFspwASw79akkvkLG9lw&google_hm=QlVlOHQ4QUdLQ2xCRl...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSsmGgrfbDJoJ_F_G3eSunfshhLo_xYvRFaOQsnOv0F4EhTxwWTomBzfPGx5bHXaCr5xOHpHOxFGMSFspwASw79akkvkLG9lw&google_hm=QlVlOHQ4QUdLQ2xCRlU5ZzVHeFE=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:58 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSsmGgrfbDJoJ_F_G3eSunfshhLo_xYvRFaOQsnOv0F4EhTxwWTomBzfPGx5bHXaCr5xOHpHOxFGMSFspwASw79akkvkLG9lw&google_hm=QlVlOHQ4QUdLQ2xCRlU5ZzVHeFE=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D04E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECemyniuPJpgJFg_geX-kIU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECemyniuPJpgJFg_geX-kIU&google_hm=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&google_nid=index&google_push=AXcoOmTL57zc_GuzeBoGbns-b_irrQPdNI9Vc...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECemyniuPJpgJFg_geX-kIU&google_hm=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&google_nid=index&google_push=AXcoOmTL57zc_GuzeBoGbns-b_irrQPdNI9VcAf3O21wFclZ8xuOO7re1BsWysk8QHf22qiNMzHoCGq-mOYKdCq4Bl0sM6qfNIQTlQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNXvdxF8KCzRdpMA3%2Fddersj5xbJntv3X3x4FY%2B5gx7SN7wEyh6kBOK4mi0TG%2BHttjWNxBLt0RrMKpI3FIlWOgAUubrn7GYL%2FqbZ18kW2rDzC%2BOt73C9CV3Wf4qrQEl4TX%2BzJvjRpZn2tw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECemyniuPJpgJFg_geX-kIU&google_hm=ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB&google_nid=index&google_push=AXcoOmTL57zc_GuzeBoGbns-b_irrQPdNI9VcAf3O21wFclZ8xuOO7re1BsWysk8QHf22qiNMzHoCGq-mOYKdCq4Bl0sM6qfNIQTlQ
cache-control
no-cache
cf-ray
8407f293cbe125a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame D04E
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEGGVm8NNlv91EGMLquulxIE&google_cver=1&google_push=AXcoOmSRR-pu0vHdYdU-ki_qeelPPQNlc7o0p02k5nfw47jWzKSNtrZXAqTdcKxHmDDEej9J6o8R7jTZaxXKGInu4TW0hB6...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTAzZjg3MmY2NTZmNGE3MmEzNTYzYTNlNjc3M2Y3YTg%3D&UIDF=CAESEGGVm8NNlv91EGMLquulxIE&google_cver=1&google_push=AXcoOmSRR-pu0vHdYdU-ki_qeelP...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTAzZjg3MmY2NTZmNGE3MmEzNTYzYTNlNjc3M2Y3YTg%3D&UIDF=CAESEGGVm8NNlv91EGMLquulxIE&google_cver=1&google_push=AXcoOmSRR-pu0vHdYdU-ki_qeelPPQNlc7o0p02k5nfw47jWzKSNtrZXAqTdcKxHmDDEej9J6o8R7jTZaxXKGInu4TW0hB6fRvrIZw
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTAzZjg3MmY2NTZmNGE3MmEzNTYzYTNlNjc3M2Y3YTg%3D&UIDF=CAESEGGVm8NNlv91EGMLquulxIE&google_cver=1&google_push=AXcoOmSRR-pu0vHdYdU-ki_qeelPPQNlc7o0p02k5nfw47jWzKSNtrZXAqTdcKxHmDDEej9J6o8R7jTZaxXKGInu4TW0hB6fRvrIZw
date
Fri, 05 Jan 2024 01:28:58 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
attr
cm.g.doubleclick.net/pixel/ Frame D04E 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzebHMwjsfQsIbjhoSVQLtDvOI8UCKnreM-J8-R8aYG9nGkrW6lWuVAuIa_SqTwTWyjQ7p
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChhZ8WFuXZaCTJ5j3xtYPk4Kd8AfG7ozbc4r43begEvAuEAEgsMjAIWDJhoCA3KPEEMgBBagDAaoEugJP0AYXGvhmzxqHfLCh3vPfVBxpy-yFUQcsJhpGT8SfOPeJtY9VGXiOtWKlGUVgw2vi3oxlf78xGkBKC15KDVS62jXcB-oMIZvmEwvOL43FhlEaDIHqtp2g1T6GgV10biIrCElrXLimlluNwg7XB7ohquZy_f1ZQ0qArU2qTiTnQbfhMuxnlhOUKdYmeS3zAwOlTbfH4-5uiALx0UKDJdps31yqpLTGalDssMiVp1EJkOav21dxDYx-PDixGKdhc1kh8Syfr0ZUW_gEnfJiKTNuiIWakyVn6naVhzzv3KBKnOlu3SmvD1B9I0bsGfruwM-wsqJoDnk1zQgwhA7XYN3rsKwfoF4jN1ETl_Fim9pNTJNWSojUcyEqxkOIyCV-y6WehgwZRHJHHy6jiFrVOjMrJwmHEOtE6VwXwsAEsuDYsKUE4AQDiAWEjIyRTJIFCwgiEAMYA0iFrIcCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAe-vvg3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ4t0JGOGPrPMB0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOli57tOsjMWDA4AKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMIp5XUrIzFgwMVmLvRBB0TQQd-sBPZiccUyBOShrLjA9gTCogUBtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yMzI1NDc5MTg2NDg1MzM4GNTEDOgXBQ&sigh=r8-5MKuA_Cw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_selY_aDOvVHEXDBBcuaYaqBpPCII7-PGqmCnSyF_L8w1EJgqsmyQ-Dn-y83BDFNgBVFW-NpKuRgB&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 01:28:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame F3D6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChhZ8WFuXZaCTJ5j3xtYPk4Kd8AfG7ozbc4r43begEvAuEAEgsMjAIWDJhoCA3KPEEMgBBagDAaoEugJP0AYXGvhmzxqHfLCh3vPfVBxpy-yFUQcsJhpGT8SfOPeJtY9VGXiOtWKlGUVgw2vi3oxlf78xGkBKC15KDVS62jXcB-oMIZvmEwvOL43FhlEaDIHqtp2g1T6GgV10biIrCElrXLimlluNwg7XB7ohquZy_f1ZQ0qArU2qTiTnQbfhMuxnlhOUKdYmeS3zAwOlTbfH4-5uiALx0UKDJdps31yqpLTGalDssMiVp1EJkOav21dxDYx-PDixGKdhc1kh8Syfr0ZUW_gEnfJiKTNuiIWakyVn6naVhzzv3KBKnOlu3SmvD1B9I0bsGfruwM-wsqJoDnk1zQgwhA7XYN3rsKwfoF4jN1ETl_Fim9pNTJNWSojUcyEqxkOIyCV-y6WehgwZRHJHHy6jiFrVOjMrJwmHEOtE6VwXwsAEsuDYsKUE4AQDiAWEjIyRTJIFCwgiEAMYA0iFrIcCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAe-vvg3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ4t0JGOGPrPMB0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOli57tOsjMWDA4AKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMIp5XUrIzFgwMVmLvRBB0TQQd-sBPZiccUyBOShrLjA9gTCogUBtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yMzI1NDc5MTg2NDg1MzM4GNTEDOgXBQ&sigh=r8-5MKuA_Cw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_selY_aDOvVHEXDBBcuaYaqBpPCII7-PGqmCnSyF_L8w1EJgqsmyQ-Dn-y83BDFNgBVFW-NpKuRgB&vt=10&cbvp=2&vis=1
Requested by
Host: 046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
URL: https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 05 Jan 2024 01:28:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixels
bcp.crwdcntrl.net/ Frame 6ED3 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=154%2C94%2C122%2C26%2C2%2C161&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
1179
content-type
text/html
date
Fri, 05 Jan 2024 01:28:58 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.62.183
csi
csi.gstatic.com/ Frame F3D6 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lqzyjw5l&c=2583389780372&slotId=1291694890186&qqid=CKCf1ayMxYMDFZi70QQdE0EHfg&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1004::5e Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame F3D6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 08:34:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 08:34:08 GMT
file.mp4
r3---sn-q4fzen7e.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame F3D6
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r3---sn-q4fzen7e.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-q4fzen7e.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2A9A063A849C8B7BC9B017466AC1E89469673115.47A8E1B058D48CC9D84F8DA2B5C75A77B106E9DA/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::7/mm/42/mn/sn-q4fzen7e/ms/onc/mt/1704417316/mv/u/mvi/3/pl/48/file/file.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Server
2607:f8b0:4000:9::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:58 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
8221378
Last-Modified
Tue, 17 Oct 2023 17:08:40 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Fri, 05 Jan 2024 01:28:58 GMT

Redirect headers

date
Fri, 05 Jan 2024 01:28:58 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
location
https://r3---sn-q4fzen7e.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2A9A063A849C8B7BC9B017466AC1E89469673115.47A8E1B058D48CC9D84F8DA2B5C75A77B106E9DA/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::7/mm/42/mn/sn-q4fzen7e/ms/onc/mt/1704417316/mv/u/mvi/3/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=staradvertiser.com&p=%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&u=BZrUvzDXMdnwBwzJOh&d=staradvertiser.com&g=48334&g0=Top%20News&g1=Associated%20Press&n=1&f=00001&c=0.5&x=0&m=0&y=6503&o=1600&w=1200&j=45&R=0&W=0&I=1&E=4&e=0&r=&PA=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&b=4669&t=Cg_P3IDv3fU9CFNua1BncpGVBUIYri&V=143&tz=600&_acct=anon&sn=3&sv=6wmX1DMZZK2CtCFufCc_GvkDC00Po&sr=external&sd=1&im=067b0fff&_
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.113.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-113-238.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
sync
eb2.3lift.com/ Frame 7175 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1361
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 01:28:58 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
qmap
sync.crwdcntrl.net/ Frame 6ED3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC...
  • https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=6adc7340-ca96-462d-b37b-baa1d1730357&gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=6adc7340-ca96-462d-b37b-baa1d1730357&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=154%2C94%2C122%2C26%2C2%2C161&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.60.109
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=6adc7340-ca96-462d-b37b-baa1d1730357&gdpr=0
Date
Fri, 05 Jan 2024 01:28:58 GMT
Connection
keep-alive
X-CI-RTID
6f60defb-9c67-442a-a296-abceac72a1b3
Content-Length
131
Content-Type
text/html; charset=utf-8
ibs:dpid=121998&dpuuid=c7ad65278a0c19aea11723b7364d8a21&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
dpm.demdex.net/ Frame 6ED3 		42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=c7ad65278a0c19aea11723b7364d8a21&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=154%2C94%2C122%2C26%2C2%2C161&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.172.142.205 Ashburn, United States, ASN (),
Reverse DNS
ec2-54-172-142-205.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-0740ee61b.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
5a2upSvzSVA=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
41715
i.liadm.com/s/ Frame 6ED3 		43 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=c7ad65278a0c19aea11723b7364d8a21
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=154%2C94%2C122%2C26%2C2%2C161&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.180.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-180-1.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:28:58 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif
gdpr=0
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZdbQAAMIjwI5QBH/ Frame 6ED3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZdbQAAMIjwI5QBH/gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZdbQAAMIjwI5QBH/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=154%2C94%2C122%2C26%2C2%2C161&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.59.83
content-length
49
expires
0

Redirect headers

x-served-by
cache-mia-kmia1760054-MIA
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704418138.337702,VS0,VE0
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZdbQAAMIjwI5QBH/gdpr=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rand=699697667
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7386633197929965226/gdpr=0/ Frame 6ED3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=699697667
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7386633197929965226/gdpr=0/rand=699697667
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7386633197929965226/gdpr=0/rand=699697667
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=154%2C94%2C122%2C26%2C2%2C161&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.226.158.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-158-19.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.61.16
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
an-x-request-uuid
0b3e80ad-3898-4b3b-97a8-5a247b434842
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7386633197929965226/gdpr=0/rand=699697667
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
partner.mediawallahscript.com/ Frame 6ED3
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=c7ad65278a0c19aea11723b7364d8a21&custom=&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=c7ad65278a0c19aea11723b7364d8a21&custom=&tag_format=img&tag_action=sync&final=true&reqid=cc6b3d80-ab69-11ee-8cd9-af990b168...
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=7386633197929965226&tag_format=img&tag_action=sync
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=cc741720-ab69-11ee-8617-cd9cfcea2df3?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=c7ad65278a0c19aea11723b7364d8a21&tag_format=img&tag_action=sync&cb=652303031
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=736096f3-a33b-4e74-a900-147a47dba0f3&tag_format=img&tag_action=sync&cb=
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=cc741720-ab69-11ee-8617-cd9cfcea2df3&cb=1704418138909&rmn=y&redirect=https%3A%2F%2Fpartner.me...
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=69b8b48a-60c1-4f84-9ab7-2102c2a0b21a&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704418138909
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
  • https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=ccf3ce70-ab69-11ee-8ead-abde2e6f7d25
0
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=ccf3ce70-ab69-11ee-8ead-abde2e6f7d25
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=154%2C94%2C122%2C26%2C2%2C161&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.85.146.200 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Fri, 05 Jan 2024 01:28:59 GMT
cache-control
private, no-cache, must-revalidate, no-store, max-age=0
server
nginx
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=ccf3ce70-ab69-11ee-8ead-abde2e6f7d25
date
Fri, 05 Jan 2024 01:28:59 GMT
cross-origin-resource-policy
cross-origin
content-length
0
xuid
eb2.3lift.com/ Frame 7175
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=59e9df5d-c912-4e7b-b753-fe5a89a9761c&dongle=31ac&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=59e9df5d-c912-4e7b-b753-fe5a89a9761c&dongle=31ac&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=4945&xuid=59e9df5d-c912-4e7b-b753-fe5a89a9761c&dongle=31ac&gdpr=0&gdpr_consent=
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ups.analytics.yahoo.com/ups/58382/ Frame 7175 		0
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58382/sync?uid=2687056411155449827788&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
xuid
eb2.3lift.com/ Frame 7175
Redirect Chain
  • https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6126&xuid=d08b0939-e7dd-47e1-a1ce-13919d351d77&dongle=9e4f&gdpr
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6126&xuid=d08b0939-e7dd-47e1-a1ce-13919d351d77&dongle=9e4f&gdpr
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6126&xuid=d08b0939-e7dd-47e1-a1ce-13919d351d77&dongle=9e4f&gdpr
date
Fri, 05 Jan 2024 01:28:58 GMT
server
_
content-length
0
xuid
eb2.3lift.com/ Frame 7175
Redirect Chain
  • https://event.hgrtb.com/sync/triplelift?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmfuid%26dongle%3D8f7
  • https://eb2.3lift.com/xuid?mid=7666&xuid=12391b1a-2bfc-428a-9b80-5e93db9b32f7&dongle=8f7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7666&xuid=12391b1a-2bfc-428a-9b80-5e93db9b32f7&dongle=8f7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7666&xuid=12391b1a-2bfc-428a-9b80-5e93db9b32f7&dongle=8f7
date
Fri, 05 Jan 2024 01:28:58 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
119
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 7175
Redirect Chain
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7414&xuid=1813050728247349171&dongle=U48
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7414&xuid=1813050728247349171&dongle=U48
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=7414&xuid=1813050728247349171&dongle=U48
Date
Fri, 05 Jan 2024 01:28:58 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
xuid
eb2.3lift.com/ Frame 7175
Redirect Chain
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3DK5XH98XlPE9c%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=2636&xuid=K5XH98XlPE9c&dongle=8bee&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=K5XH98XlPE9c&dongle=8bee&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://eb2.3lift.com/xuid?mid=2636&xuid=K5XH98XlPE9c&dongle=8bee&gdpr=0&gdpr_consent=
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-fsdm2
expires
-1
xuid
eb2.3lift.com/ Frame 7175
Redirect Chain
  • https://trc.taboola.com/sg/TripleliftSCoD/1/cm?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7772%26xuid%3D%3CTUID%3E%26dongle%3Dtbla
  • https://eb2.3lift.com/xuid?mid=7772&xuid=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&dongle=tbla
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&dongle=tbla
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-vcl-time-ms
37
date
Fri, 05 Jan 2024 01:28:58 GMT
via
1.1 varnish
x-served-by
cache-mia-kmia1760025-MIA
server
nginx
x-timer
S1704418138.478934,VS0,VE37
x-fastly-to-nlb-rtt
35911
x-cache
MISS
location
https://eb2.3lift.com/xuid?mid=7772&xuid=055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc&dongle=tbla
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 7175
Redirect Chain
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab
  • https://eb2.3lift.com/xuid?mid=3396&xuid=e70a7824-89af-41a5-a56b-06996c8ccf7d&dongle=c7e1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3396&xuid=e70a7824-89af-41a5-a56b-06996c8ccf7d&dongle=c7e1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3396&xuid=e70a7824-89af-41a5-a56b-06996c8ccf7d&dongle=c7e1
date
Fri, 05 Jan 2024 01:28:58 GMT
content-length
0
xuid
eb2.3lift.com/ Frame 7175
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7354&xuid=5394353749448417114&dongle=AD20&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=5394353749448417114&dongle=AD20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eb2.3lift.com/xuid?mid=7354&xuid=5394353749448417114&dongle=AD20&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
xuid
eb2.3lift.com/ Frame 7175
Redirect Chain
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_c053429087de436daa35a&dongle=fg7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7596&xuid=di_c053429087de436daa35a&dongle=fg7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7596&xuid=di_c053429087de436daa35a&dongle=fg7
date
Fri, 05 Jan 2024 01:28:57 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
setuid
u.4dex.io/ Frame 7175 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=triplelift&uid=2687056411155449827788
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame B96F 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 Ashburn, United States, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
101622
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 21:15:16 GMT
expires
Thu, 02 Jan 2025 21:15:16 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame B96F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 16:30:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
32305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 16:30:33 GMT
file.mp4
r3---sn-q4fzen7e.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame F3D6 		107 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-q4fzen7e.c.2mdn.net/videoplayback/id/6faf6ca8e26d3602/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010616/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2A9A063A849C8B7BC9B017466AC1E89469673115.47A8E1B058D48CC9D84F8DA2B5C75A77B106E9DA/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::7/mm/42/mn/sn-q4fzen7e/ms/onc/mt/1704417316/mv/u/mvi/3/pl/48/file/file.mp4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4000:9::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=0-

Response headers

expires
Fri, 05 Jan 2024 01:28:58 GMT
date
Fri, 05 Jan 2024 01:28:58 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-8221377/8221378
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
8221378
last-modified
Tue, 17 Oct 2023 17:08:40 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
client-protocol
quic
player-event
events.qortex.ai/api/v1/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jan 2024 01:28:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4iGTELhawv%2BEApH904L80Ck2qANIqxbWDqH4skkTWPCX3bqjfvFO3GWbqGxJpjU8hvy7pUvUb5s1tJy7Qm7iFaGpvwwcDJoHa784kLicXxP1fGFPWJ3AvEtf4KPyw26ISoTO9eocAwc24Whkew%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8407f2970afc7449-MIA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8407f296aa3c7449-MIA
date
Fri, 05 Jan 2024 01:28:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luBVtBJnXM4X5pYMl3tOddyWxAW7qllmVUD0cGWgXWa7psRPq%2F5xD1ajTjE8q8Xv8AqcTR41CVJu%2F1ik%2FGOTukQwQpmIkym0hQoCQXr6PNUHD0B2IKrnAf6R0olWERQUcx1KE0%2BJNQPlawJS9%2FM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
gen_204
pagead2.googlesyndication.com/pagead/ Frame B96F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BoLL7WluXZa7oCfmlnboPpYi9gA4AAAAAOAHgBAI&bg=!JiWlJWrNAAY3kmNgF5I7ADQBe5WfOOcnZ9-4mpsVIGDPGXzX9GkWNnJrd-aS7XZL_Ai8WU8bLZk8x6fSkoJrWcBUSZPIAgAAANRSAAAABmgBB5kDB_rY5T3qQ8VqU9MgYcmxq0gx7nlbyL0KPgY6CXXG-ZQTchlmFW6nwMPMyyKRqza1SOTfFm08SJgEgPEbU5XOFXc3aQiy8dRe73ApN3ZV5FkEMte1xZE8gLgJYS6UxAM8jt6nv_DKDCvXcC8RuTcMr-Ybr0cEsJjMnMv7PysAdvXqIpZcmhKxVvXzP6qiMm8h1B2soHB_askr-bKdrzWlJBk-CelGE3EiaATuzA31CIZNcNx8a3YAjyE0uba1H9DA55ybYqhZK0cThfPyFB_unCHgAa2s3ALWW7xQcbPudl8JN-aPt0IdFHeTzD6aEtiboQyOxMLHBLQrEf9YgiJjrQ2txU4pMzre0zCZVLb7sCVlUlzYPa4iq71nOi_TLAv9rbI0ZSJbgOceHSP4X6uBegeaYhvs237v9pTF10cGeHYL2af5YIHywGg0vz2dlVwTzTNrYjXuRC_MXzOj3Wat3FdSg9aLtQvZPQqYcZo7WHrgTKFa5TeIiix-peHwOGaMcl7QJfWXa4t4pZ474Ex0KsE-fRbFi-tEjsDS8L1-QkRjFwm4sIhEBu16NJKYUdkf1BYWo1uVH5D9TCb3FHrBwX4bySGyZE4Jjx0Huub6-cBEhQX_0RLj7aq7A7FEWwVSli4mBUIQPKPnXhgv-XL0I-oU7b5DSG4J2z8RJjd2hBjr5CGsELp5qlZq5UtZNRQZst5f_zz-pTT4_FsKnZVviTN2Fq0JrfgOixv9B3kHR8-DYwo0V0jZ2aNTCLCPuEfhcKJ0UaJ8qzVvg1KKsj0R0dIUmE9j3Ldd99Pr0ZLVEdxYoxFuGBQxyxeP6JgKGeF_EHHINOBOF8t0INGtIv-dpuCXTManQIMmlCOIngnDodTNG28U-t3CltoanM5JJURnIzPFogQF5t6OeGpa1ZsktdVS5O7qMp7CZ6N4SX_FEluN8vRte29Beq6-1zESNaeP_cVUiyJoExy1t_aZREY_sxl14DOC5GdrSv_lUHgH1vmOVDEA_lvSkGiLTSvDTHUsTJBunHuLUkE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame 2894 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1704418111065&ns_st_ec=4&ns_st_sp=1&ns_st_sc=1&ns_st_psq=2&ns_st_asq=2&ns_st_sq=2&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=19934&ns_st_cl=34073&ns_st_hc=2&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3287948&ns_st_pt=19999&ns_st_dpt=3899&ns_st_ipt=3899&ns_st_ap=19999&ns_st_dap=3899&ns_st_et=20592&ns_st_det=3899&ns_st_upc=19934&ns_st_dupc=3834&ns_st_iupc=3834&ns_st_upa=19934&ns_st_dupa=3834&ns_st_iupa=3834&ns_st_lpc=19934&ns_st_dlpc=3834&ns_st_lpa=19934&ns_st_dlpa=3834&ns_st_pa=19999&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1704418139223&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=0&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Oahu%20Publications%20Recirc&c3=sendtonews&c4=News&c6=*null&c7=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&c8=&c9=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-29.iad12.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:59 GMT
via
1.1 6400936fc4525d1c60e3e8fee9d4806e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
O56nibvYpZpjMY-Q52aPErmxQp5vJkwKfjDhbxRuVjLRO0tdZ1ZryA==
setuid
u.4dex.io/
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:59 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Date
Fri, 05 Jan 2024 01:28:59 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://u.4dex.io/setuid?bidder=sovrn&uid=H8B4hBZHEQ_m7NwFTi24NL7-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
csi
csi.gstatic.com/ Frame F3D6 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lqzyjwbx&c=2583389780372&slotId=1291694890186&qqid=CKCf1ayMxYMDFZi70QQdE0EHfg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1992&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1ax~vil.1r1&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1004::5e Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 05 Jan 2024 01:28:59 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 2894 		139 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:59 GMT
an-x-request-uuid
8c08344b-39f1-44ee-9bfd-ff81a2af33c7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 2894 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Fri, 05 Jan 2024 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 2894 		0
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 2894 		37 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=438214
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuK6LZGIpj9DUJKKrHsKU8%2BOc4OO06TU5Q7ilTs2zH3qH3g3IGw%2BWspZJl%2FZruu%2BYhv5UyvbzLxcxIekmKGMgeDe5BY%2BLAgh5I3KADPddMMvAOC8HQIL1QRoT8lQzh0Z%2BkKXkwdh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8407f29b2b3425a3-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ Frame 2894 		19 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0&referrer=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&tmax=3000&us_privacy=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.194.35.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-35-34.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:59 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
hb.undertone.com/ Frame 2894 		0
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3590&domain=staradvertiser.com&ccpa=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-73.iad89.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 01:28:59 GMT
via
1.1 7a99ed3f39c18af8fe138a695e5f657c.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
IAD89-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
i-E1j5-kzvhMVmjIh_s2fErpgxE7FXC7dhyWzzRCzzPGQxLk2se0_A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2894 		185 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.6.0
Content-Type
application/json
access-control-allow-origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
Expires
0
bid
aax.amazon-adsystem.com/e/dtb/ Frame 2894 		574 B
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F2024%2F01%2F04%2Fbreaking-news%2Fmore-than-20-injured-after-new-york-city-subway-train-derails%2F&pid=RpnEwdKqxMHYi&cb=2&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!stnvideo.com%2CSTN_0001779%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*PSL19mRsp2eSNHfZHXax3p48aYSLeyTgjDI7RywaQXh6PkESV6xbj8FWB2xIPr39ej8cWgbQ9IK4p5B-RHR0LQ%22%2C%22pubcommon%22%3A%2295d1454d-e53e-46b3-b4de-3341491a2a03%22%2C%22audigent%22%3A%22%257B%2522hadronId%2522%253A%2522060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%2522%257D%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.66.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-66-130.iad12.r.cloudfront.net
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:59 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c1bfc7dbcf7f9782aa3be590b7ce3d6a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P1
x-amz-rid
9B1K7EDW50YPQGTQRP6S
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
574
x-amz-cf-id
OJjN84kQkcAdDofnf2mJG3sGiuyWPDcFsoIoC906dMLgIY-kM068Ug==
7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
bidswitch
sync-dmp.mobtrakk.com/match/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=sonobi&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=sonobi&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Server
5.161.188.99 Ashburn, United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.99.188.161.5.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
43
content-type
image/gif

Redirect headers

Location
//sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=sonobi&bsw=f23bd312-5bb6-424a-95e9-d15220f0e7dc
Date
Fri, 05 Jan 2024 01:28:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
362588.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=770043a8-af77-46db-9a99-c38ce904d888
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=736096f3-a33b-4e74-a900-147a47dba0f3
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=736096f3-a33b-4e74-a900-147a47dba0f3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:59 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/362588.gif?partner_uid=736096f3-a33b-4e74-a900-147a47dba0f3
date
Fri, 05 Jan 2024 01:28:59 GMT
server
Kestrel
content-length
199
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NzcwMDQzYTgtYWY3Ny00NmRiLTlhOTktYzM4Y2U5MDRkODg4
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIk7fdlB9ogQimS7TR93pzw&google_cver=1
0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e315a43aa9&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=736096f3-a33b-4e74-a900-147a47dba0f3&pubid=e315a43aa9
0
0
ecm3
s.amazon-adsystem.com/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=770043a8-af77-46db-9a99-c38ce904d888
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 01:28:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MH9E87GFYAZP6MVZ3X7V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=770043a8-af77-46db-9a99-c38ce904d888&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7386633197929965226&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F8%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
0
0
receive
pixel.tapad.com/idsync/ex/ 		95 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=770043a8-af77-46db-9a99-c38ce904d888
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:28:59 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
getuid
ib.adnxs.com/ 		0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050728247349171
0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9935550313792
  • https://sync.go.sonobi.com/us.gif?nuid=OPU6f38051ae3b444a4aea786afd04874f0&nw=oa
0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=sonobi
0
0
ibs:dpid=87880&dpuuid=770043a8-af77-46db-9a99-c38ce904d888
dpm.demdex.net/ 		42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=87880&dpuuid=770043a8-af77-46db-9a99-c38ce904d888
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.172.142.205 Ashburn, United States, ASN (),
Reverse DNS
ec2-54-172-142-205.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0f69d4637.edge-va6.demdex.com 1 ms
pragma
no-cache
date
Fri, 05 Jan 2024 01:28:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
C7EwnnqER8A=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
ID1=770043a8-af77-46db-9a99-c38ce904d888
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=770043a8-af77-46db-9a99-c38ce904d888
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=770043a8-af77-46db-9a99-c38ce904d888&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=K5XH98XlPE9c
0
0
getuid
ib.adnxs.com/
Redirect Chain
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=770043a8-af77-46db-9a99-c38ce904d888
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%26rnd%3D-1575401367&pcid=$UID
0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=-tBDgfwlV_hvwp42xPpc4iaEdkY
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p.adsymptotic.com
URL
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06132730
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v4/pixie?
Domain
serverf5.idsyncmxedge.com
URL
https://serverf5.idsyncmxedge.com/RegistroSyncHE-web/RegistroIDSyncHE?input=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&type=4&sitename=rt
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=adkernel&gdpr_consent=undefined&gdpr=0&khaos=LQZYJ7Y5-28-J2H9
Domain
a.usbrowserspeed.com
URL
https://a.usbrowserspeed.com/cs?pid=c7e3ce26eaec570ef329be40aeaf9cabc7b01d37dd37b285d3b98cf19a2e21bb&puid=742cc7d7-b8cd-4642-8528-e3ee92cfebe3&r=https%3A%2F%2Faggle.net%2Fjs%3Fpid%3DOS45X5SNC%0A
Domain
sync.adkernel.com
URL
https://sync.adkernel.com/user-sync?dsp=84&t=image&uid=LQZYJ7Y5-28-J2H9&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Domain
cs.smartssp.iqzone.com
URL
https://cs.smartssp.iqzone.com/iframe?pbjs=1&coppa=0
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIk7fdlB9ogQimS7TR93pzw&google_cver=1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=736096f3-a33b-4e74-a900-147a47dba0f3&pubid=e315a43aa9
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=92&3pid=7386633197929965226&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F8%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050728247349171
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?nuid=OPU6f38051ae3b444a4aea786afd04874f0&nw=oa
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Ijngt9L7fRMzQZH0fnf-rVxh_U4pfaNTNcyTwFJ561M&pi=sonobi
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=K5XH98XlPE9c
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%26rnd%3D-1575401367&pcid=$UID
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=-tBDgfwlV_hvwp42xPpc4iaEdkY

Verdicts & Comments Add Verdict or Comment

373 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 object| documentPictureInPicture function| x00_0xc2b2 function| x00_0x6ba9 function| x00_0x3b5a function| x00_0xe6b9 object| _Scanner object| PublisherCommonId function| $ function| jQuery object| gaCustomDimensions function| hsaGTMEvent object| dataLayer object| adblockDetector object| GlobalAamNamespace function| aamsitecertifier object| _sf_async_config number| _sf_startpt object| jwDefaults object| webpackChunkjwplayer function| jwplayer function| createJWPlayer function| loadJSON function| shufflePlaylist function| updateJWPlayerThumbnail function| removeVideosOlderThan function| createModal function| openModal function| closeModal function| createJWPlayerVideoGallery function| populateGallery function| createJWPlayerAdbox function| createJWPlayerVideoGallery_homepage function| populateGallery_homepage function| createJWPlayerVideoGallery_dynamic function| populateGallery_dynamic object| Insticator object| _taboola object| google_tag_manager object| google_tag_data object| google_optimize object| _comscore function| __handleUspapiMessage function| __uspapi object| str1 function| clarity function| matherSubcribeClickEvent object| _kmq string| _kmk function| _kms function| admiral object| googletag function| __tcfapi object| HSA_OBSERVE function| lozad object| _wpemojiSettings object| ad_vars object| $jscomp function| $jscomp$lookupPolyfilledValue boolean| headerTagInjected number| insticator_tg boolean| abpStatus object| federatedObj object| instBid object| InsticatorXmess boolean| isCommentsLoaded function| loadCommentsScript function| isToSPPAccepted function| setToSPPCookie function| getTOSPPCookie function| createTOSPPCookie object| addComment function| setHSACookie function| getHSACookie function| _ object| cswidgetoverR object| insticatorCommentingUnitSettings object| settings object| assertive object| confiant object| instBidChunk object| _pbjsGlobals object| ADAGIO object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError object| Rollbar function| rollbar object| InsticatorApp string| insticatorHeaderCodeVersion boolean| isPageviewSent object| ggeac object| google_js_reporting_queue object| _0x4cc4 function| _0x30b6 function| _0x4a113e object| _ds05un3 number| _pa_v object| paGlobal function| callUnitMan function| runBrowsi function| browsiCalled object| _cb_shared undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| Popper object| bootstrap object| Criteo object| Snowplow object| COMSCORE function| _typeof object| TRC object| _tblConsole undefined| msg function| 4dm1r11545242527 object| StyleFix object| PrefixFree object| teads_analytics object| _cbq object| apd_options string| GoogleAnalyticsObject function| ga object| refCatKv object| teadsscript object| atsScript object| _cbm string| KM_KEY number| KM_INCLUDE_HOSTNAME number| KM_SKIP_PAGE_VIEW number| KM_HANDLE_PRERENDER object| KM function| KMQ undefined| KMCTT_SOURCE string| KMCTT_ORIGIN function| _kmil string| KM_COOKIE_DOMAIN object| ns_p object| pa_prebid_fw object| pa_pbjs_fw2.0 object| csWidget string| gaName object| s object| $w function| csgtag object| gAservice object| cswDataLayer object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| script object| assertiveQueue boolean| _assertiveInitialized object| adsbygoogle function| Fb613lSE object| OBREvents number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized undefined| google_measure_js_timing number| google_unique_id object| gaGlobal number| __mobxInstanceCount undefined| __mobxGlobals object| _mather object| _matherq object| tid function| InvalidInputHelper object| tags number| no_of_paras number| p_tag_length number| j number| k object| pelement number| clength number| ilength number| this_iframe number| pos string| tag_text boolean| next_iframe function| joinNewsletter object| pSUPERFLY_mab object| pSUPERFLY function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| onYouTubeIframeAPIReady object| gaplugins object| gaData object| npt boolean| fifabAlready function| fi_fab undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery boolean| __bt_already_invoked object| auvars object| teads object| pa_pbjs_fw function| clearImmediate function| setImmediate object| ats object| twemoji object| wp string| ahm_cs_gtm boolean| ahm_cs_loaded string| nam object| placementData object| sas object| apntag object| _ADAGIO object| esc_tag_cfg object| regeneratorRuntime object| headertag function| _33AcrossPpidMappingsProvider object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_649978 object| fiUtils object| $FIslowSelectors object| $waitOn object| hadron boolean| __halo_loaded__ function| docReady object| au object| autag object| cmTag object| closure_lm_247153 object| recaptcha object| closure_lm_706916 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| _cm_wfCounters function| postscribe object| google_tag_manager_external string| myPropertyId object| clientSettings function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| ahm_config object| ahmpb object| System object| ahmpbChunk number| x object| ahm_adParent object| ahm_friendDiv object| pubgroup_config function| __extends function| __awaiter function| __generator function| __spreadArray function| __sc_import_cx_overlay object| gsapVersions boolean| cxsyncadded-176101 object| owpbjsChunk object| owpbjs object| PWT function| confiantDfpWrap

462 Cookies

Domain/Path Name / Value
www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails Name: _gada_ses.6fbe
Value: *
www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails Name: _gada_id.6fbe
Value: 72be1b73-d0fb-454c-bb3f-b00da783c660.1704418107.1.1704418107.1704418107.b0f4f64b-74ba-43db-b47d-c7f871a2b5a1
www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails Name: privAu
Value: 0
www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails Name: akuid
Value: A2580877537250048855
.taboola.com/oahu-staradvertiser/ Name: taboola_session_id
Value: v2_3f710bd07c3e753b785ba6f2ad6c8c40_055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc_1704418108_1704418108_CNawjgYQrK1FGPHH8bnNMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiX1Mza_5njnMEBcAE
.3lift.com/sync Name: sync
Value: CgoIgAIQ9pHzuc0xCgoIoQEQwZ7yuc0xCgoIgQIQ9pHzuc0xCgoI4gEQ9pHzuc0xCgoI5gEQwZ7yuc0xCgoIhwIQwZ7yuc0xCgkISRD2kfO5zTEKCgiMAhDBnvK5zTEKCgisAhD2kfO5zTEKCgitAhD2kfO5zTEKCgiRAhDBnvK5zTEKCgiSAhD2kfO5zTEKCgi0AhDBnvK5zTEKCgiUAhD2kfO5zTEKCgi3AhDBnvK5zTEKCQg6EMGe8rnNMQoJCBsQ9pHzuc0xCgoI3gEQ9pHzuc0xCgkIXxDBnvK5zTEKCQgfEMGe8rnNMQ==
i6.liadm.com/s Name: _li_ss
Value: CgA
i.liadm.com/s Name: _li_ss
Value: CkAKBgjdARDzFgoFCAwQ_RYKBgiiARDzFgoJCP____8HEP0WCgUICxDzFgoGCIsBEPMWCgYI0gEQ8xYKBQh-EPMW
www.staradvertiser.com/ Name: plsVisitorGeo
Value: US
www.staradvertiser.com/ Name: plsVisitorCity
Value: Florida
www.clarity.ms/ Name: CLID
Value: 512139d5e8414d63aa3b3ee9c2199668.20240105.20250104
www.staradvertiser.com/ Name: instiPubProvided
Value: ac6d261b-2ceb-45c0-92bd-5d7c2c4be244
www.staradvertiser.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.staradvertiser.com/ Name: _pubcid
Value: 95d1454d-e53e-46b3-b4de-3341491a2a03
.staradvertiser.com/ Name: InstiSession
Value: eyJpZCI6ImIwZWU4N2Y2LWZmMjktNDkyMy04ZTRmLWJmNzdjNmVkNzkyNSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
powerad.ai/ Name: 3535dcr-g
Value: 1
powerad.ai/ Name: 12331dcr-g
Value: 1
powerad.ai/ Name: 12593dcr-g
Value: 1
powerad.ai/ Name: 12594dcr-g
Value: 1
powerad.ai/ Name: 12595dcr-g
Value: 1
powerad.ai/ Name: 12940dcr-g
Value: 1
powerad.ai/ Name: 13127dcr-g
Value: 1
.staradvertiser.com/ Name: instUid
Value: b9e8126a-a546-48ae-9dc7-dd9b2e497b11
.go.sonobi.com/ Name: __uis
Value: 770043a8-af77-46db-9a99-c38ce904d888
.go.sonobi.com/ Name: _usd_staradvertiser.com
Value: 4bc5dd7f-3045-4a52-a504-583763608de9
.a-mo.net/ Name: amuid2
Value: fd21eeb0-4e49-4a1c-be95-c93fd2d84953
.prebid.a-mo.net/ Name: sd_amuid2
Value: fd21eeb0-4e49-4a1c-be95-c93fd2d84953
.lijit.com/ Name: ljt_reader
Value: H8B4hBZHEQ_m7NwFTi24NL7-
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.dotomi.com/ Name: DotomiUser
Value: 714307382870682843$3$162785654$$1
.dotomi.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: LQZYJ7Y5-28-J2H9
.seedtag.com/ Name: st_uid
Value: 05473691-8194-4416-939d-60a6193cc647
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPVVuaXRlZCBTdGF0ZXMmY291bnRyeV9pc28yPVVTJmNvdW50cnlfaXNvMz1VU0EmcmVnaW9uX25hbWU9RmxvcmlkYSZyZWdpb25faXNvMj1GTCZjaXR5X25hbWU9TWlhbWkmbG9uZ2l0dWRlPS04MC4zOTI3JmxhdGl0dWRlPTI1LjkwOTImbWV0cm89NTI4JnppcD0zMzAxOA==
.openx.net/ Name: i
Value: 95d1454d-e53e-46b3-b4de-3341491a2a03|1704418106
.staradvertiser.com/ Name: kvcd
Value: 1704418107194
.staradvertiser.com/ Name: km_ai
Value: oX9pQs9ImcIU4nXTBNQB%2F3fLBiw%3D
.staradvertiser.com/ Name: km_vs
Value: 1
.staradvertiser.com/ Name: km_lv
Value: 1704418107
.scorecardresearch.com/ Name: UID
Value: 1D098928ab84e617cc80b551704418107
www.staradvertiser.com/ Name: plsVisitorIp
Value: 38.132.118.70
www.staradvertiser.com/ Name: plsGeoObj
Value: {"ip":"38.132.118.70","country":"US","region":"FL","city":"Miami","zip":"33018","location":"25.9092,-80.3927"}
.postrelease.com/ Name: visitor
Value: c7afadb5-2f38-4468-a903-ccb38af6a4be
.staradvertiser.com/ Name: _ml_ses
Value: *
.staradvertiser.com/ Name: usprivacy
Value: 1---
.staradvertiser.com/ Name: _cb
Value: BZrUvzDXMdnwBwzJOh
.staradvertiser.com/ Name: _chartbeat2
Value: .1704418108204.1704418108204.1.6wmX1DMZZK2CtCFufCc_GvkDC00Po.1
.staradvertiser.com/ Name: _cb_svref
Value: external
.staradvertiser.com/ Name: _clck
Value: scyt0l%7C2%7Cfi5%7C0%7C1465
.staradvertiser.com/ Name: _ga_73ZHFY4ZMB
Value: GS1.1.1704418108.1.0.1704418108.60.0.0
.staradvertiser.com/ Name: _gid
Value: GA1.2.1065753684.1704418108
.staradvertiser.com/ Name: _gat_UA-16272709-1
Value: 1
.staradvertiser.com/ Name: _au_1d
Value: AU1D-0100-001704418109-NTS4H3MM-VH3X
.staradvertiser.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE3MDQ0MTgxMDksInR0ZCI6MTcwNDQxODEwOSwicHViIjoxNzA0NDE4MTA5LCJydWIiOjE3MDQ0MTgxMDksInRhcGFkIjoxNzA0NDE4MTA5LCJhZHgiOjE3MDQ0MTgxMDksImdvbyI6MTcwNDQxODEwOSwiYmVlcyI6MTcwNDQxODEwOSwic29uIjoxNzA0NDE4MTA5LCJhZG8iOjE3MDQ0MTgxMDl9
.adnxs.com/ Name: uuid2
Value: 7386633197929965226
.tapad.com/ Name: TapAd_TS
Value: 1704418108698
.tapad.com/ Name: TapAd_DID
Value: 4997edfe-4ce1-4693-848f-c8b66f02f74e
.adsrvr.org/ Name: TDID
Value: 736096f3-a33b-4e74-a900-147a47dba0f3
.doubleclick.net/ Name: IDE
Value: AHWqTUncHxYUkRIJeCMvHWv4wHSAbcRRqX-2z2w71iB4lmjvvUrNR2Lukz8WzCa-qzg
.staradvertiser.com/ Name: __gads
Value: ID=d5d9bc13cd177aaf:T=1704418107:RT=1704418107:S=ALNI_MZ4BZolVYIVHU4en5ncGzXTq6T5rg
.staradvertiser.com/ Name: __gpi
Value: UID=00000db0f4ed2e2f:T=1704418107:RT=1704418107:S=ALNI_Masyh_oFPy02WMRXLg2ivGrwvOkVA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A0864502-06A0-4ED8-A79E-7CD263E71299
.taboola.com/ Name: t_gid
Value: 055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc
.taboola.com/ Name: t_pt_gid
Value: 055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc
.staradvertiser.com/ Name: _gat_gtag_UA_137034616_28
Value: 1
.teads.tv/ Name: tt_viewer
Value: 5aae2540-b768-4666-864c-f0c5786ce1d3
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.demdex.net/ Name: demdex
Value: 52484525425390576564160136390183098686
www.staradvertiser.com/ Name: ntvSession
Value: {"id":2853752,"placementID":1071098,"lastInteraction":1704418109439,"sessionStart":1704418109439,"sessionEndDate":1704448800000,"experiment":""}
www.staradvertiser.com/ Name: _ntv_uid
Value: c7afadb5-2f38-4468-a903-ccb38af6a4be
.dpm.demdex.net/ Name: dpm
Value: 52484525425390576564160136390183098686
cdn.firstimpression.io/ Name: OAID
Value: cf05f5e4d120a97ce9d6ce65a1761324
.postrelease.com/ Name: ver
Value: 1
.bidr.io/ Name: bito
Value: AAAQHk7LLrYAABaDzK28HA
.bidr.io/ Name: bitoIsSecure
Value: ok
www.staradvertiser.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D055435f3-ee4f-4e14-834b-7890a4f83eff-tuctc90e0bc
.33across.com/ Name: check
Value: true
.rkdms.com/ Name: sessionid
Value: h-a9cba662392146348003a0f282bdda4d_t-1704418110
www.staradvertiser.com/ Name: csparkW_ga
Value: GA1.1.495654607.1704418108
.staradvertiser.com/ Name: _clsk
Value: qwpag7%7C1704418111157%7C1%7C1%7Cv.clarity.ms%2Fcollect
www.staradvertiser.com/ Name: _lr_retry_request
Value: true
www.staradvertiser.com/ Name: _lr_env_src_ats
Value: false
.ingage.tech/ Name: instUid
Value: b9e8126a-a546-48ae-9dc7-dd9b2e497b11
.casalemedia.com/ Name: CMID
Value: ZZdbPwCgEoqR40X4NR82pgAA
.casalemedia.com/ Name: CMPS
Value: 1641
.casalemedia.com/ Name: CMPRO
Value: 1641
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: c7ad65278a0c19aea11723b7364d8a21
.33across.com/ Name: 33x_ps
Value: u%3D212429669350874%3As1%3D1704418111464%3Ats%3D1704418111464
.yellowblue.io/ Name: wrvUserID
Value: fo4ME3P-kp_s
.colossusssp.com/ Name: gtm_usr
Value: 1e2c6b9b-b313-4977-8d47-506b6f116205
.sharethrough.com/ Name: stx_user_id
Value: c73598e4-19af-4225-ad41-0db5af961cdf
.csync.loopme.me/ Name: viewer_token
Value: d08b0939-e7dd-47e1-a1ce-13919d351d77
.tynt.com/ Name: uid
Value: 4Qap4mWXWz/CgISUbZWOUw==
.turn.com/ Name: uid
Value: 7898252983751812422
.staradvertiser.com/ Name: panoramaId_expiry
Value: 1704504511416
.staradvertiser.com/ Name: _cc_id
Value: c7ad65278a0c19aea11723b7364d8a21
www.staradvertiser.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22736096f3-a33b-4e74-a900-147a47dba0f3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-05T01%3A28%3A31%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZdbQAAMIjwI5QBH
.staradvertiser.com/ Name: _ga_5CQE7K4MEN
Value: GS1.1.1704418112.1.0.1704418112.0.0.0
www.staradvertiser.com/ Name: _lr_geo_location
Value: US
www.staradvertiser.com/ Name: _lr_geo_location_state
Value: FL
.adform.net/ Name: C
Value: 1
www.staradvertiser.com/ Name: _uc_referrer
Value: https://www.staradvertiser.com/2024/01/04/breaking-news/more-than-20-injured-after-new-york-city-subway-train-derails/
.yahoo.com/ Name: A3
Value: d=AQABBEFbl2UCEILVdgG4B9tUOOSW_DPkNhgFEgEBAQGsmGWhZQAAAAAA_eMAAA&S=AQAAAkYBfcTVQ4jviEhajH8XfNU
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwbAZJn7AXQFJ1WGdnY4nXCwJEMOv0NvCPZGr33NZ2eqZPItIGr2amL8T5QC4TM1
.smartadserver.com/ Name: pid
Value: 6066353311403014312
.bidswitch.net/ Name: tuuid
Value: f23bd312-5bb6-424a-95e9-d15220f0e7dc
.bidswitch.net/ Name: c
Value: 1704418113
.bidswitch.net/ Name: tuuid_lu
Value: 1704418113
.yieldmo.com/ Name: yieldmo_id
Value: VEIznffDDzf1nB7iTMI_%7C1704412800000%7C0
.contextweb.com/ Name: V
Value: K5XH98XlPE9c
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4f6e8bc59e791d71
.ads.stickyadstv.com/ Name: UID
Value: 8cde5c648fe156140db5378baffff1b
.liadm.com/ Name: lidid
Value: 0e521442-191b-476e-bd4b-7f1dc324ebc5
.w55c.net/ Name: wfivefivec
Value: wEAGKYle1Rlz0J5
.media.net/ Name: visitor-id
Value: 3474197131523813000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.cpx.to/ Name: cpSess
Value: 16783f81c9da922
.cpx.to/ Name: dsp_pub_common
Value: 95d1454d-e53e-46b3-b4de-3341491a2a03#1704418113285
.cpx.to/ Name: dsp_TTD
Value: 736096f3-a33b-4e74-a900-147a47dba0f3#1704418113285
.cpx.to/ Name: dsp_app_nexus
Value: 7386633197929965226#1704418113285
.openx.net/ Name: univ_id
Value: 537072971|736096f3-a33b-4e74-a900-147a47dba0f3|1704418113344685
.adform.net/ Name: uid
Value: 5394353749448417114
.w55c.net/ Name: matchcasale
Value: 5
.teads.tv/ Name: tt_exelate
Value:
.teads.tv/ Name: tt_bluekai
Value:
.teads.tv/ Name: tt_liveramp
Value:
.teads.tv/ Name: tt_neustar
Value:
.teads.tv/ Name: tt_salesforce
Value:
.amazon-adsystem.com/ Name: ad-id
Value: Az1UUxa0SUzGn_UljoemCKE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rezync.com/ Name: zync-uuid
Value: 73e61b6f-a064-4dfc-a9ec-caa48a3f5854:1704418113.6999092
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELWL8yepwJVgoFXd5zVih_Y&KRTB&23025-CAESELWL8yepwJVgoFXd5zVih_Y&KRTB&23386-CAESELWL8yepwJVgoFXd5zVih_Y
.3lift.com/ Name: tluid
Value: 2687056411155449827788
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQwNDYwNTA3sjAyMTc2sTQ0NxTiM9QNygpN9_NMNCtLca0AABnL1aUlAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByRGAQAgEwI_pYIHMcpgN4hKIkdv9He66TR4bKjYQ3mmq3E1dhSidFQu3OAMSInpaZnJePzNNURM6AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQwNDYwNTA3sjAyMTc2sTQ0NxTiM9QNygpN9_NMNCtLca0AABnL1aUlAAAA
.mfadsrvr.com/ Name: tuuid
Value: 59e9df5d-c912-4e7b-b753-fe5a89a9761c
.mfadsrvr.com/ Name: c
Value: 1704418114
.mfadsrvr.com/ Name: tuuid_lu
Value: 1704418114
live.rezync.com/ Name: sd-session-id
Value: .eJwNzE0KwyAQQOG7zDoWJ44_42WCNSNIG1tismnI3evywce7YPnKvqUm7YB47KdMkN91VId4Qa-_TV4QAQMabbWfw0zeEKNHuCfo0nv9tKWuw3gjDp-uqKQdKVpLVoklq5wShWSKDZYiek00bmgejpk1z3D_AcR4Jik.ZZdbQg.1SZf1hXBJ8qfjK7fgsQ82evMGSc
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2.SaVB4ZPWZoJCJYf6BobQFVtoTzLFHBGyhJD4Dai6Uus
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2.SaVB4ZPWZoJCJYf6BobQFVtoTzLFHBGyhJD4Dai6Uus
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-tBDgfwlV_hvwp42xPpc4iaEdkY.EF3y0bHJDef4jgl6wcictFqTQBPGeu2zaguJ3BakQTI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-tBDgfwlV_hvwp42xPpc4iaEdkY.EF3y0bHJDef4jgl6wcictFqTQBPGeu2zaguJ3BakQTI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAPUedzHQELGu9dQtoE8inZnRYgwfzgcKmWRYGWBTArwEHwYBCDCtt2sBjABOgT90vuTQgSYLIuG.ncWBcifPn%2BzR4ug1yatePOFvWefaGpi25oIgq%2FWWXtM
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAPUedzHQELGu9dQtoE8inZnRYgwfzgcKmWRYGWBTArwEHwYBCDCtt2sBjABOgT90vuTQgSYLIuG.ncWBcifPn%2BzR4ug1yatePOFvWefaGpi25oIgq%2FWWXtM
.pippio.com/ Name: did
Value: sNCAU0CAIJ5n_gxT
.pippio.com/ Name: didts
Value: 1704418114
.pippio.com/ Name: nnls
Value:
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AN1gKFZr0esrL-Et
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.clientgear.com/ Name: mkuuid
Value: mka437b19fc08a48c28f93aeaf223ee5f8
.omnitagjs.com/ Name: ayl_visitor
Value: f85811dc81870e1d6389bcf2be3bdfa4
.criteo.com/ Name: uid
Value: 8b8293d3-9878-4b12-9ae2-54436c2413c7
.creativecdn.com/ Name: u
Value: h83rFYFkwN9YwzFYYkyC
.creativecdn.com/ Name: g
Value: h83rFYFkwN9YwzFYYkyC_1704418115335
.richaudience.com/ Name: pdid
Value: 48de1664-fb49-47b7-b409-1zz1704418099
.adx.opera.com/ Name: UID
Value: OPU6f38051ae3b444a4aea786afd04874f0
.staradvertiser.com/ Name: _ga
Value: GA1.2.495654607.1704418108
.staradvertiser.com/ Name: _gat_Insticator_Embed_v4
Value: 1
.zemanta.com/ Name: zuid
Value: BUe8t8AGKClBFU9g5GxQ
.exelator.com/ Name: EE
Value: "10316fed6ac38bc3ef2968381dd93508"
.krxd.net/ Name: _kuid_
Value: QBEDKO23
.agkn.com/ Name: ab
Value: 0001%3Ag%2BQzJ03ms2Ss%2BeUgJDert%2FeeOA%2BlLSMn
.sitescout.com/ Name: ssi
Value: d84ba2f6-b7f4-4640-ace5-cd1e301f83a4#1704418116372
.bluekai.com/ Name: bku
Value: m3X99WHqktPtsdyX
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHQwNjQLC01xSwx2dgiKdk4Nc3I0szC2MIwJcXS2NTAYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR%252FLngcAmOUqVg%253D%253D"
.id5-sync.com/ Name: 3pi
Value:
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.pippio.com/ Name: pxrc
Value: CMS23awGEgYI36wrEAA=
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiZmQyMWVlYjAtNGU0OS00YTFjLWJlOTUtYzkzZmQyZDg0OTUzIiwiZXhwaXJlcyI6IjIwMjQtMDEtMTlUMDE6Mjg6MzYuNTg0MTc5NDQ4WiJ9fX0=
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.a-mx.com/ Name: amuid2
Value: fd21eeb0-4e49-4a1c-be95-c93fd2d84953
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.a-mx.com/ Name: amdt_t
Value: p::1704418116682
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.admanmedia.com/ Name: admtr
Value: b92d9acc-1898-4487-959a-a4caca37df9b
.admanmedia.com/ Name: admtr_red
Value: undefined
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 2_1704418106_1704418116
sync-dmp.mobtrakk.com/ Name: pid
Value: MzZmOWY1Zjc1OTA1ZTA4
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.colossusssp.com/ Name: lmg_r
Value: 79|76
.postrelease.com/ Name: status
Value: 1
.cpx.to/ Name: dsp_dbm
Value: CAESEPsa0vTY7s6j9bsMQmJLSnQ#1704418117001
.cpx.to/ Name: dsp_pubmatic
Value: A0864502-06A0-4ED8-A79E-7CD263E71299#1704418117001
.cpx.to/ Name: dsp_OPENX
Value: 06405607-7011-454b-8c9e-03052caa067c#1704418117001
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_26dad347-6267-48c3-bca3-bbebb7a0b2e4
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-ad54b833-7c6f-352a-acb0-b4e156cda26b
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.sportradarserving.com/ Name: zuuid
Value: 0cab6805-c694-4a0f-a9f1-3fc892c60190
.sportradarserving.com/ Name: c
Value: 1704418117
.sportradarserving.com/ Name: zuuid_lu
Value: 1704418117
.cpx.to/ Name: dsp_rubicon
Value: LQZYJ7Y5-28-J2H9#1704418117114
.richaudience.com/ Name: avcid-sma-uid
Value: 6066353311403014312
.richaudience.com/ Name: avcid-apn-uid
Value: 7386633197929965226
.mgid.com/ Name: lmg_usr
Value: 75d3231a-8b28-476c-856f-1982c6c9795b
.mgid.com/ Name: lmg_r
Value: 27
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1704418117
.richaudience.com/ Name: avcid-bsx-uid
Value: AAAQHk7LLrYAABaDzK28HA
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: c4fec229-13ee-5305-99c3-5f50fc540415
.betweendigital.com/ Name: ss
Value: 1
.rtb.mx/ Name: amdt_t
Value: g::1704418117483
.rtb.mx/ Name: amuid2
Value: 0ef1f393-287f-4014-a16b-7ea1021393b6
.ymmobi.com/ Name: ym_user_cookie
Value: ym_user_f42d1ad0-05e4-4bec-8277-d0223c159ff3
.mathtag.com/ Name: uuid
Value: f7716597-5b45-4000-9fa2-5f3c3f74983b
.adotmob.com/ Name: uid
Value: 0a00220400cfc8e2c37e0815
.adotmob.com/ Name: uuid
Value: 0a00220400cfc8e2c37e0815
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
pixel-us-west.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.admixer.net/ Name: am-uid
Value: 0e9edc1031de420496b7be83175ae78d
.a-mo.net/ Name: amdt_t
Value: h::1704418117759
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.richaudience.com/ Name: avcid-bsw-uid
Value: f23bd312-5bb6-424a-95e9-d15220f0e7dc
.deepintent.com/ Name: CDIUSER
Value: di_c053429087de436daa35a
.ipredictive.com/ Name: cu
Value: 6adc7340-ca96-462d-b37b-baa1d1730357|1704418117929
.linkedin.com/ Name: bcookie
Value: "v=2&42135a55-4de3-4b61-8d4d-1a57c863db6e"
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3127:u=1:x=1:i=1704418117:t=1704504517:v=2:sig=AQGSXRUl5stT2EYy431DU17GtOCEQjlk"
.adstanding.com/ Name: _adstanding_id
Value: eddd68999dcc1d60778e9f151f440da6
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1704418112026%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1704418118143%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1704418112026%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1704418118143%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1704418118143%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1704418112026%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1704418118143%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1704418112026%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1704418112026%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1704418118143%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1704418112026%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1704418118143%7D%5D
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_c053429087de436daa35a
.quantserve.com/ Name: mc
Value: 65975b46-40907-cbe5f-0acb1
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUVpZSjdZNS0yOC1KMkg5IiwiZXhwaXJlcyI6IjIwMjQtMDEtMTlUMDE6Mjg6MzguMjk2ODM3NjI5WiJ9fX0=
.connatix.com/ Name: cnx_userId
Value: 1d4bfe51f7ec43dfa1dd16f2012ec790
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335--tBDgfwlV_hvwp42xPpc4iaEdkY&KRTB&23334--tBDgfwlV_hvwp42xPpc4iaEdkY&KRTB&23417--tBDgfwlV_hvwp42xPpc4iaEdkY&KRTB&23426--tBDgfwlV_hvwp42xPpc4iaEdkY
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:wEAGKYle1Rlz0J5&KRTB&23421-uid:wEAGKYle1Rlz0J5
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7898252983751812422&KRTB&23150-7898252983751812422&KRTB&23527-7898252983751812422
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-736096f3-a33b-4e74-a900-147a47dba0f3&KRTB&22918-736096f3-a33b-4e74-a900-147a47dba0f3&KRTB&22926-736096f3-a33b-4e74-a900-147a47dba0f3&KRTB&23031-736096f3-a33b-4e74-a900-147a47dba0f3
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-6adc7340-ca96-462d-b37b-baa1d1730357&KRTB&23011-6adc7340-ca96-462d-b37b-baa1d1730357&KRTB&23355-6adc7340-ca96-462d-b37b-baa1d1730357
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7386633197929965226&KRTB&23339-7386633197929965226
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5394353749448417114&KRTB&23263-5394353749448417114&KRTB&23481-5394353749448417114
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQEI6LvGuXMt2gIIsuh3AQEBAQE&KRTB&22713-AQEI6LvGuXMt2gIIsuh3AQEBAQE&KRTB&22715-AQEI6LvGuXMt2gIIsuh3AQEBAQE&KRTB&23519-AQEI6LvGuXMt2gIIsuh3AQEBAQE
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!121-2!121-3!121
.staradvertiser.com/ Name: _ml_id
Value: d68fc899d8562c3c.1704418108.1.1704418118.1704418108
.addthis.com/ Name: na_id
Value: 2024010501283800015696086085
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 65975b469110391d
.addthis.com/ Name: ouid
Value: 65975b460001c7022e003ac43585735b14d5eaa2352c00b09fad
.dlx.addthis.com/ Name: na_sc_x
Value: 1
p2.gcprivacy.com/ Name: gcid
Value: e2c5298f-8591-4c8b-899c-ce392e353523
www.staradvertiser.com/ Name: _sp_ses.6fbe
Value: *
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-AagteAL_IHkaqSR2B6o5LFX4ISkarXUsVazYg6Tx&KRTB&19420-AagteAL_IHkaqSR2B6o5LFX4ISkarXUsVazYg6Tx&KRTB&22979-AagteAL_IHkaqSR2B6o5LFX4ISkarXUsVazYg6Tx&KRTB&23462-AagteAL_IHkaqSR2B6o5LFX4ISkarXUsVazYg6Tx
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1813050728247349171
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU6f38051ae3b444a4aea786afd04874f0&KRTB&23485-OPU6f38051ae3b444a4aea786afd04874f0&KRTB&23524-OPU6f38051ae3b444a4aea786afd04874f0
www.staradvertiser.com/ Name: _sp_id.6fbe
Value: e6352e41-7740-46ca-8155-85e36c8d5370.1704418119.1.1704418120.1704418119.d99f0528-3e7b-4764-aae8-d063ecc6d605
.staradvertiser.com/ Name: _awl
Value: 2.1704418117.5-55a3e5c9b231b1247c9077381213abae-6763652d75732d6561737431-0
.acuityplatform.com/ Name: auid
Value: 872817512825
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAMvqNdXNlck1hdGNoaW5nSWTEkWxhc3REcm9wVGltZU1pbGxpcyUBRjVnSH6ImGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUY1Z0h+iI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.simpli.fi/ Name: suid
Value: A0A7D3915CF44960ACE5E888F4B75986
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_c1331410-ab69-11ee-8814-12fa6b58ae11
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.mxptint.net/ Name: mxpim
Value: R35CAB_10EC9D625_96FC73C6.1.000000000000000000000000000000000000000000000000000000000000000000000000000000000000000065975B47
.adkernel.com/ Name: DSP2F_71
Value: 343983
.adkernel.com/ Name: DSP2F_40
Value: 649145
.adkernel.com/ Name: ADKUID
Value: A2580877537250048855
.primis.tech/ Name: csuuid
Value: 65975b479c596
.smaato.net/ Name: SCMsas
Value: 274abd0f1c
.smaato.net/ Name: SCM
Value: 44e38e5e65
.smaato.net/ Name: SCMaps
Value: 44e38e5e65
.gumgum.com/ Name: vst
Value: u_8a0f8237-cd03-48f2-b488-4ca53ffb58fd
.hb.yahoo.net/ Name: visitor-id
Value: 3474197191523819000V10
.hb.yahoo.net/ Name: data-mag
Value: LQZYJ7Y5-28-J2H9~~63
.adgrx.com/ Name: ADGRX_UID
Value: c13636fe-ab69-11ee-b47c-6e5120466e9f
.aralego.com/ Name: sspid
Value: 3f6eae77-8436-31c0-ac70-7d1572b10ec2
.mediago.io/ Name: __mguid_
Value: 746ded2276f7b82e2lucx800lqzyji0f
.c.appier.net/ Name: _auid
Value: KFJ8PyxrAC6Nv899R1uXZQ
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553&KRTB&23418-d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:38485CB5441247569104AE4050593124&KRTB&23486-uid:38485CB5441247569104AE4050593124&KRTB&23489-uid:38485CB5441247569104AE4050593124&KRTB&23539-uid:38485CB5441247569104AE4050593124
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-b9e4ff91-bb58-47f1-b815-3c3079feda17&KRTB&23340-b9e4ff91-bb58-47f1-b815-3c3079feda17&KRTB&23498-b9e4ff91-bb58-47f1-b815-3c3079feda17
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-872817532029&KRTB&23428-872817532029
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_10EC9D624_9826E577&KRTB&23092-R33647_10EC9D624_9826E577
prebid-s2s.media.net/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUVpZSjdZNS0yOC1KMkg5IiwiZXhwaXJlcyI6IjIwMjQtMDEtMTlUMDE6Mjg6MzkuODc4Mjk4MzAyWiJ9fSwiYmRheSI6IjIwMjQtMDEtMDVUMDE6Mjg6MzkuODc3MjU0ODMyWiIsImhvc3RfdWlkcyI6eyJtZWRpYW5ldCI6eyJ1aWQiOiIzNDc0MTk3MTMxNTIzODEzMDAwVjEwIn19fQ==
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-KFJ8PyxrAC6Nv899R1uXZQ
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.adgrx.com/ Name: ADGRX_CM_RUBICON_BRIDGED
Value: 1
beacon.lynx.cognitivlabs.com/ Name: UID
Value: a6cf1cbc-4036-4199-86d7-bf338a8581fc
.pubmatic.com/ Name: SyncRTB3
Value: 1705622400%3A104_13_166_240_22_48_238_55_231_220_71_46_96_54_214_81_243_233_3_5_176_234_249_56_250_8_165_21_178_264_99_7%7C1707004800%3A224%7C1709596800%3A69%7C1705017600%3A38_223_2_15%7C1705276800%3A63%7C1705708800%3A35
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-c13636fe-ab69-11ee-b47c-6e5120466e9f&KRTB&23275-c13636fe-ab69-11ee-b47c-6e5120466e9f
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f23bd312-5bb6-424a-95e9-d15220f0e7dc
.undertone.com/ Name: UID_EXT_47
Value: LQZYJ7Y5-28-J2H9
.kargo.com/ Name: ktcid
Value: 888033c4-6351-05bc-5ade-8d1de71eb523
.dotomi.com/ Name: UP
Value: 714307382870682843$3$162785654$$1
.serverbid.com/ Name: CONSUMABLEID
Value: 6def715e58d4413eaf715e58d4813ee4
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: 20XGSSSz8S
.smartadserver.com/ Name: csync
Value: 76:CAESEBxZa7EzIOj-2rgMQZMYP64|104:LQZYJ7Y5-28-J2H9|133:274abd0f1c
.blismedia.com/ Name: b
Value: 65975B48E0C2A3AB74921F42BLIS
.ads.yieldmo.com/ Name: ptrrc
Value: LQZYJ7Y5-28-J2H9
.ex.co/ Name: exco-uids
Value: {"rubicon":{"UID":"LQZYJ7Y5-28-J2H9","Expire":"2024-01-12T01:28:40.285474029Z"}}
.aniview.com/ Name: 1_C_5
Value: LQZYJ7Y5-28-J2H9
sync.aniview.com/ Name: 1_C_5
Value: LQZYJ7Y5-28-J2H9
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZZdbPwCgEoqR40X4NR82pgAABmkAAAIB
.intentiq.com/ Name: intentIQCDate
Value: 1704418120353
.intentiq.com/ Name: ASDT
Value: 0
.adsby.bidtheatre.com/ Name: __kuid
Value: 0f4048a3-19cf-4e08-b88a-c8eedd147483.473632120
.adfarm1.adition.com/ Name: UserID1
Value: 7320420084116420757
.technoratimedia.com/ Name: tads_uidp_16
Value: 1547975003335
.technoratimedia.com/ Name: tads_uidp_37
Value: 85a99178-479b-3533-a785-972aa959f0f9
.technoratimedia.com/ Name: tads_uidp_44
Value: LQZME8SM-24-CIKE
.technoratimedia.com/ Name: tads_uidp_45
Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/ Name: tads_uidp_46
Value: 3285453188938350402
.technoratimedia.com/ Name: tads_uidp_48
Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/ Name: tads_uidp_49
Value: AAABtyRCcZZHWAMjaFLRAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 9820c97c-01c6-42cd-8c64-e259ae3272c6
.technoratimedia.com/ Name: tads_uidp_61
Value: 212406408481265
.technoratimedia.com/ Name: tads_uidp_62
Value: 3473895961523660000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: 2VooOXDlBun4f3pFAVcpGw0rq75yW39L
.technoratimedia.com/ Name: tads_uidp_7
Value: 3980b1db-f1a7-43a0-94d3-828f9fac088f
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/ Name: tads_uidp_73
Value: AAAQHk7LLrYAABaDzK28HA
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-131edf9f-fb65-4a45-a943-8e2bab8dec1c-005
.technoratimedia.com/ Name: tads_uidp_77
Value: ms5agGkz-1V4Mq5LaUdUZ-d8C52NBw8PiJjBUS_DVoA
.technoratimedia.com/ Name: tads_uidp_80
Value: y-xdaxU9VE2uEz_Hlk.bcq_eZHCSdULE9W~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZZcLl-Dbmzli29yBnj3cwwAA&1496
.technoratimedia.com/ Name: tads_uidp_83
Value: ELWDeiSWkKiw
.technoratimedia.com/ Name: tads_uidp_88
Value: 229038021353853600147
.technoratimedia.com/ Name: tads_uidp_90
Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/ Name: tads_uidp_91
Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/ Name: tads_uid
Value: 0ACA07A79B244833993E8B9798357D18
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230514043511+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1703211272902
www.staradvertiser.com/ Name: gcid_first
Value: e2c5298f-8591-4c8b-899c-ce392e353523
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAAQHk7LLrYAABaDzK28HA
pool.admedo.com/ Name: tuuid
Value: 4dc8349b-80b8-4b94-b1a2-47e2adf7f27c
pool.admedo.com/ Name: c
Value: 1704418120
pool.admedo.com/ Name: tuuid_lu
Value: 1704418120
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.fwmrm.net/ Name: _uid
Value: umo0447_7320424622894265161
.creative-serving.com/ Name: tuuid
Value: 4d715134-4d31-4835-964f-77d87de546c4
.creative-serving.com/ Name: c
Value: 1704418120
.creative-serving.com/ Name: tuuid_lu
Value: 1704418120
.linkedin.com/ Name: li_sugr
Value: 160ab77b-5d41-4122-b6fa-6df5236a8d77
.bluekai.com/ Name: bkdc
Value: phx
.company-target.com/ Name: tuuid
Value: 1fd04be1-3440-42f9-b2aa-4a09ecf87f03
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umo0447_7320424622894265161
.ads.stickyadstv.com/ Name: MRM_UID
Value: umo0447_7320424622894265161
.retargetly.com/ Name: _rlid
Value: 18445aa0-e386-4b70-9d8c-7acd2fb9de4c
.storygize.net/ Name: U
Value: e70a7824-89af-41a5-a56b-06996c8ccf7d
.eqads.com/ Name: EQUser
Value: UID=08086e4a-a446-4039-9081-3354ed5f7a34
.clickagy.com/ Name: cb
Value: ZZdbSJoUq63D3ltOZd0YWGF1
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2024-01-05 01:28:40"}]
.media6degrees.com/ Name: clid
Value: 2s6rlfs01170t1pq4e9tqm150000000104010101101
.media6degrees.com/ Name: acs
Value: 012020k1s6rlfsxzt10
.aggle.net/ Name: aggcid
Value: 742cc7d7-b8cd-4642-8528-e3ee92cfebe3
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 736096f3-a33b-4e74-a900-147a47dba0f3
.criteo.com/ Name: partitioned_bundle
Value: yPVqMl9sdUc3dmFSUkNhcmJnVkNyVFBEZyUyQk5kcVdWVW9YdjlaeFVHR1EwdEhvbDglMkJ0NVBxQ2lCdnkzcGtBb1RvZkhwbkdIak9YM2Q3cHMlMkZuRFRwRXFvQjVJMmM5cGt3MmVFbFdZc3N2WjFiM2Ntb3lGUllacnlkaHFEcXNGR0tXRUh0V2FGUm1kbXpob1FNZlNHcm5zRlBjVTZ4cyUyQjNVbDJrS1B5UXZXbEpnMDlUNkRTRVU5cENxJTJCVFdmdVJHaGRGJTJCJTJCaA
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240105%22%2C%22141%22%3A%2220240105%22%2C%22142%22%3A%2220240105%22%7D
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-bRKH0QhE2oN6dDPxTl84Z76j.WbZXf4.KsU_8.4H~A
.pubmatic.com/ Name: DPSync3
Value: 1705017600%3A265_252_253%7C1704499200%3A255_248%7C1705622400%3A258_256_236_263_245_219_262_201_235_228_259_261_260_226%7C1705449600%3A257
www.staradvertiser.com/ Name: pbjs_li_nonid
Value: %7B%22nonId%22%3A%224iJ4sAdZv4ZBKwDr9Kxo2AJFo9uBEI3-TYsI2Q%22%7D
.smadex.com/ Name: smxtrack
Value: 006b79a6-e17b-428f-a319-4028618a9396
.smadex.com/ Name: smxbds
Value: 1
www.staradvertiser.com/ Name: pbjs_li_nonid_cst
Value: VyxHLMwsHQ%3D%3D
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESED1dhtKpQkBzC1zHJwUfIjg
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjUker29OXGPBAFEhUKBmNhc2FsZRILCPr18JT15cY8EAUSFgoHcnViaWNvbhILCOLb4cf15cY8EAUSFwoIcHVibWF0aWMSCwiu8YHO9eXGPBAFEhsKDHNoYXJldGhyb3VnaBILCKrd_-D15cY8EAUYASABKAIyCwjsnsCYjObGPBAFOAFaBzgzaTk4eTRgAg..
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAAQHk7LLrYAABaDzK28HA
.rlcdn.com/ Name: pxrc
Value: CMS23awGEgUI6AcQABIFCOhHEAASBgi66gEQBRIGCLjrARAEEgYIkLwrEAE=
.retargetly.com/ Name: _tpc_enabled
Value: true
.ctnsnet.com/ Name: cid_9fde785afe9f4e13ad91be6dbded0479
Value: 1
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7577045212095128841P
.owneriq.net/ Name: pmc
Value: 1
.bfmio.com/ Name: __187_cid
Value: A0864502-06A0-4ED8-A79E-7CD263E71299
.bfmio.com/ Name: __io_cid
Value: d65a8646fb387967227da4f6f72df236b3dcb813
.w55c.net/ Name: matchfreewheel
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:f7716597-5b45-4000-9fa2-5f3c3f74983b
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005&KRTB&17107-RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005
.pubmatic.com/ Name: PugT
Value: 1704380011
.socdm.com/ Name: SOC
Value: ZZdbScCo8YIAALvpxfgAAAAA
.minutemedia-prebid.com/ Name: wrvUserID
Value: cohMx3P-Cp_mm
.thrtle.com/ Name: mc
Value: eyJpZCI6IjcwZTViOGQ5LTBiZWEtNGFjMC1iZDRjLTVhYWNmYzgxODJkMSIsImwiOjE3MDQ0MTgxMjE5ODgsInQiOjF9
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: wEAGKYle1Rlz0J5
.rlcdn.com/ Name: rlas3
Value: H+dxwz2VEOaYrDQTASr3x6Y0S95ysAKqn9vx8x1lnYE=
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 7386633197929965226
.retargetly.com/ Name: _rlmp1
Value: 2|7386633197929965226|1704418121&&11||1704418121&&13||1704418121&&22|y-gHNyHbJE2oK1qE6Ww4EnZ3_6qyViGDR1YpU-~A|1704418121&&23||1704418121&&24||1704418121&&27||1704418121&&51||1704418121&&72|AQEI6LvGuXMt2gIIsuh3AQEBAQE|1704418121&&74|6066353311403014312|1704418121&&78||1704418121
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: 6adc7340-ca96-462d-b37b-baa1d1730357
.staradvertiser.com/ Name: cto_bundle
Value: uKIhIV9sdUc3dmFSUkNhcmJnVkNyVFBEZyUyQk5kcVdWVW9YdjlaeFVHR1EwdEhvbDglMkJ0NVBxQ2lCdnkzcGtBb1RvZkhwbkdIak9YM2Q3cHMlMkZuRFRwRXFvQjVJMmM5cGt3MmVFbFdZc3N2WjFiM2Ntb3lGUllacnlkaHFEcXNGR0tXRUh0V00xNkhsRk1Na0NhSjdJYWpTWkpqa0NqRHJSVFBZQThGVnZIY1liemVtVEElM0Q
.staradvertiser.com/ Name: cto_bidid
Value: NmMyTF95ektKcTFkcE0wYXRyOHpqamJoMEpJWnYlMkZ0a1duMWJTeXQ3anFUWW5mOGo3UmFNZGhJd0xyWnNHajRya3BDMlBNajlpTHZUR0VtR1J1TnFRUVJXdm5vRXc3WmJEZExCQ1dxQkZIeUdTbVpTMGRMdGUlMkJNJTJCMEZxdEZZZUc3RUxtTA
.lijit.com/ Name: ljtrtbexp
Value: eJxVjUESgDAIA%2F%2FCuQcICMWvOf7d0fZgjtnZJJdYymmlR6IKGBL9yzqki%2FN09k3BYCYXTJ0BlhCR5m8B%2B0GB%2Fh5p8H4ARz4gGw%3D%3D
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1704439722492
.aggle.net/ Name: aggsubsid
Value: gAAAAABll1tKMLUBZDILfApvY2jOEeov6t_C3cXnSYdM2oAZldjRRhoOqiB3Asn19QGDLg1mazVQwmX76o_0gjMM6toHIz178t04PU0vX7w73TG332Mok31lFioj0vKNjZwtdLUB4Uq4Yp69FIcKCRs47vlU93wxEZlPyu2NDzS5RuJSyqQH-sI
.aggle.net/ Name: aggsid
Value: gAAAAABll1tKyPxSU-zcA7HMHqOpHo-Rn4aAN-CZnc4WxRWKZPl1sfW0ICrsTR5VFCVJ0MAQktVYGSiTohUa5oP3zABo1zFQbHZ5DQpySlIW23MnBc7l8LM
.seedtag.com/ Name: st_cs
Value: w+rbZEyK+80jT8F0D2FiD8x3WJ5j7YspeltZ/9loeaCS+rRvVxGqY9fFZul5L/QcOvwTO32Ns6NMZPeyxoFbiHrrBAbvgLkHcT9uG4TJVvEoejAFkVymNEMYh61eXtCRnPHrHVQlLByALadh5UFmJspP1lW1K7swseMDWomi3pJRh1chaAytwB97qGxhe/9M214As7wC9ZuPAQZ/uh2VX51hDxR/zFHLNFowaC188kZLrVoUD0pF6hBpmKoN+6S/yL34Mos9tVfjTafHh+RyBRsGK3a+NeUfwT2vHP0wotwXM2RHnKyeJByeKDkk1WdLgPVi+IIOrCLe8okL9xR8fDUw/+7op4i+wLbYV5fyGzBwzcB14QLwU8A3OPtSRi5rASGKRMVV3MsZK4HzFx38jJg9pokBHplfst3arZZon2VcQho84UrnyVuuvrtV8Ub/ynLWDNiPAb80dJZIGTr6i5hDqsKqiILurgTI2huoZVUgLqQa5G0lbmOy8KVxN3rqdn9tObfoRXEtkLfAKnyNTIxn6lRxTd0tsO2aeIynCgvnFyV6N8mYplE8NcBHifdeI2tvvkl/R10vaUJkSATyTYjnHER8g1cs7XyxkkkdhCu9NJzSloM6JIasT+YSejrh78/hc02kRmEqihltCcvBEsagHPHA6LQOHuJ6CfI2Aur32AVcBC+xo9UHJXlgtktzEMroJlHzYeWfPhNjym0NitOYxS837YPrWV1HzWY8f6CMevZlnwyolFQg+IWz9GqDNWXLUkzckIM6t8rP5jcdl8iGCjdeaR/gXj/LsyOL8w6KluOmhTt1cRaCH6gHTjQ0VIxqXxIUsj9lO5Ot8DvjyrpgAVzoJNRgULaaWaHqYRg=
.pubmatic.com/ Name: pi
Value: 161683:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 16
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1oxw|4is.0.CAESEEThPMF-T5JUMGZoaLkjQCw|7dW.0.1|2N.0.AQEI6LvGuXMt2gIIsuh3AQEBAQE|7bq.0.1|8nK.0.1|8nM.0.1|7dN.0.AAAQHk7LLrYAABaDzK28HA|8i8.0.1|8o4.0.1
io.narrative.io/ Name: io.narrative.guid.v2
Value: c2fd9ae0-ab69-11ee-a180-0a02e9f38595
.creativecdn.com/ Name: ts
Value: 1704418122
.betweendigital.com/ Name: ut
Value: ZZdbSgALOwAnwJM5S68RmJ-ZV_eI1U9O3tEG-g==
.go.sonobi.com/ Name: HAPLB8G
Value: s86180|ZZdbT
.staradvertiser.com/ Name: __qca
Value: P0-1425143951-1704418119885
.semasio.net/ Name: SEUNCY
Value: EECC62C95E3F9634
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1b1c05a4-a7cb-4073-8559-93f6a89d18e6-005%22%2C%22nxtrdr%22%3Afalse%7D
.onaudience.com/ Name: cookie
Value: 82f3253071c869c3
.onaudience.com/ Name: done_redirects236
Value: 1
.lijit.com/ Name: _ljtrtb_92
Value: 7386633197929965226
.lijit.com/ Name: _ljtrtb_26
Value: f23bd312-5bb6-424a-95e9-d15220f0e7dc
www.staradvertiser.com/ Name: _tfpvi
Value: MmYxMjhlMDUtZWViZC00MDlmLTk0MGMtZTNhM2Q5NTUwMDEyIzctNg%3D%3D
.lijit.com/ Name: _ljtrtb_83
Value: LQZYJ7Y5-28-J2H9
.audrte.com/ Name: arcki2
Value: 1478nbfmixCQXCpr5TrghpeFA!20220908!1704418123026!ip#38.132.118.70
.audrte.com/ Name: arcki2_pubmatic
Value: A0864502-06A0-4ED8-A79E-7CD263E71299!20220908!1704418123026
.krushmedia.com/ Name: krm_usr
Value: 1fdb5d7b-30c9-5cb8-86d4-8c47a7462608
.sitescout.com/ Name: _ssuma
Value: eyI1NyI6MTcwNDQxODEyMTk5OSwiMjQiOjE3MDQ0MTgxMjI1NTMsIjQ4IjoxNzA0NDE4MTIyODY2LCIzOSI6MTcwNDQxODExNjQ0NywiMTciOjE3MDQ0MTgxMjA3NzUsIjciOjE3MDQ0MTgxMTY0NDcsIjcwIjoxNzA0NDE4MTE2NDQ3fQ
.admanmedia.com/ Name: ac_r
Value: CS112
.id5-sync.com/ Name: id5
Value: f89f015f-cad6-7e4f-9884-08043c5cca82#1704418116456#2
.lijit.com/ Name: ljtrtb
Value: eJx1j01LA0EQRP%2FLnm3ome6ZnvZuWNckJiGRTS7Ss7ujiAQRwS%2F8785691q8qkd9Nw6puWxuN4dYKGFwNlFmZmObTFK0MiIn4YLNReNjRYunPJLzEHKOwJ4NNEwKowveY8FJxqGyrJW9CX2rqX%2FeXOmceamZUEStMjCiDDwJgykiOBZjGbNhocomrOxyezp2cgzgE3S%2B1Zqr%2F9tIMRI5FfWqsYrjXKF%2FKrN214PLbsBg1SdDNaMQpBAUlEq0pKNLUwTEME%2FNT6%2Bfzg9vupSyW31tTy2Wc4HXu4%2FH%2BwO%2FFFvv18Pn%2Fn3RhehWzc8vp9VSSA%3D%3D
.lijit.com/ Name: _ljtrtb_16
Value: d84ba2f6-b7f4-4640-ace5-cd1e301f83a4-65975b44-5553
.krushmedia.com/ Name: krm_r
Value: 572|154
.audrte.com/ Name: arcki2_ddp2
Value: 1478nbfmixCQXCpr5TrghpeFA!20220908!1704418123248
.pubmatic.com/ Name: SPugT
Value: 1704418123
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJlcGxhbm5pbmciOiIyMDI0LTAxLTA1VDAxOjI4OjI2LjY2MzA0NTA3N1oiLCJmcmVld2hlZWwiOiIyMDI0LTAxLTA1VDAxOjI4OjI2LjY2MzA0MzkzM1oiLCJwdWJtYXRpYyI6IjIwMjQtMDEtMDVUMDE6Mjg6MjYuNjYzMDM5NTc4WiIsInJ1Ymljb24iOiIyMDI0LTAxLTA1VDAxOjI4OjI2LjY2Mjk4MzgyNFoifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiNGVmOTNlZmMtYzUyNS00MDVlLWEzODEtM2RmMjc1MmNiNjA4IiwiZXhwaXJlcyI6IjIwMjQtMDMtMDVUMDE6Mjg6MjYuNjYxNDg3MzZaIn0sImVwbGFubmluZyI6eyJ1aWQiOiJBTjFnS0ZacjBlc3JMLUV0IiwiZXhwaXJlcyI6IjIwMjQtMDMtMDVUMDE6Mjg6MzkuNDI2NjY3OTMxWiJ9LCJmcmVld2hlZWwiOnsidWlkIjoiOGNkZTVjNjQ4ZmUxNTYxNDBkYjUzNzhiYWZmZmYxYiIsImV4cGlyZXMiOiIyMDI0LTAzLTA1VDAxOjI4OjMzLjQ1NDI0NDg1M1oifSwicHVibWF0aWMiOnsidWlkIjoiQTA4NjQ1MDItMDZBMC00RUQ4LUE3OUUtN0NEMjYzRTcxMjk5IiwiZXhwaXJlcyI6IjIwMjQtMDMtMDVUMDE6Mjg6NDMuNTIyMjk5NjY0WiJ9LCJydWJpY29uIjp7InVpZCI6IkxRWllKN1k1LTI4LUoySDkiLCJleHBpcmVzIjoiMjAyNC0wMy0wNVQwMToyODozNy43NjM2OTgxNjdaIn19LCJiZGF5IjoiMjAyNC0wMS0wNVQwMToyODoyNi42NjEzNzc1M1oifQ==
.audrte.com/ Name: arcki2_adform
Value: 5394353749448417114!20220908!1704418123546
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDZPTDEzNTK3SDRINrRMTE00NDQ3Mk4yNzYzSbFINDJkAILU6dHeX%2F7%2F%2F88P4oAB%2F5RJL1QZ28oZ%2FjMyMkxEYnchsa8fbjVihqj5wAhSub0erP7eB0tswueOHmLGJv5z4xQWbOKXTj1iwya%2Be99lAWzihxfPwWrO3bVPubGpf7cEu%2FqG%2F5rYlC%2BccYAJm%2Fi%2FLi1swgCJdn6w"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBInR7tDaQggImBgWsGiMnV9BlIAgA5WgPG"
.eyeota.net/ Name: mako_uid
Value: 18cd73ca01c-66f10000010a5b4d
.eyeota.net/ Name: SERVERID
Value: 23373~DM
.company-target.com/ Name: tuuid_lu
Value: 1704418123|ix:0|rp:0
.intentiq.com/ Name: IQPData
Value: 646215238#1704418123935#0#1704418120351
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVMFJvamNRIzE0XzAmVTBSb2tZQw
.smaato.net/ Name: SCMtu
Value: 44e38e5e65
.smaato.net/ Name: SCM1001989
Value: 44e38e5e65
.socdm.com/ Name: SOSYNC
Value: anNvbjp7InJ1Ymljb24iOjE3MDQ0MTgxMjN9
beacon.lynx.cognitivlabs.com/ Name: ss
Value: SbzVtfusR3PPwP3TEEBIF%2Fhr2oHmY5WN4MXr7owPO3ohnh3olZpdYtSi7dZW48xn1KXzkfbLZLfx7yipsaHvfw%3D%3D
.brand-display.com/ Name: _knxq_
Value: 3ad06018-d1ed-a766-3562c7cc.1704418113.1.1704418124.1704418113
.adotmob.com/ Name: partners
Value: AYL%3A1704418117530%3BRUB%3A1704418124234
.seedtag.com/ Name: st_csd
Value: 1704418124292:1704418124292
.w55c.net/ Name: matchrubicon
Value: 5
.adkernel.com/ Name: SSPZ
Value: 176101
.adkernel.com/ Name: DSP2F_86
Value: 458163
.adkernel.com/ Name: DSP2F_84
Value: 447704
.adkernel.com/ Name: DSP2F_3
Value: 336050
.adkernel.com/ Name: DSP2F_79
Value: 405982
.adkernel.com/ Name: DSP2F_63
Value: 480564
www.staradvertiser.com/ Name: csparkW_ga_39CWM68PTE
Value: GS1.1.1704418110.1.1.1704418124.0.0.0
.analytics.yahoo.com/ Name: IDSYNC
Value: "190u~2g01:192z~2g01:196y~2g01:18vk~2g01:19e0~2g01:18z8~2g01:175w~2g01:19ai~2g01:19bk~2g01"
.w55c.net/ Name: matchbluekai
Value: 3
.tribalfusion.com/ Name: ANON_ID
Value: axnvYxsKBRhFmDqU6du8PqF3dUZdZaAZbdZaJ3kZcUC07UWSbj0kRaqXEMPSHyl3FEpWIBa4CGxHiqbrqa318qi5sZaX0Od1ALvlfiFRPHqZcgaZcoUMwYZbc
.w55c.net/ Name: matchgoogle
Value: 3
.rubiconproject.com/ Name: audit
Value: 1|clb2f5t+FPoxfiyGuqkgbqS5Bv7H1ouoxdnNVF8ci14/ybvdeqGennHGVHt00oyMRR27F9qJ0RJOzLHm87w6KdaMONmywvcb4HEYI5ehIrU4E1++3MUvAK5ngH95WvEWDtzpiw79u8dIi/0PgMapEQ==
.inmobi.com/ Name: idsp_c
Value: afc1c9d7-0952-48d2-9346-49d61c5e1e77
.quantserve.com/ Name: d
Value: ENkBGAHqKvijCJiTCuu4EA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13Nuw2AMAxFUSHRUmWOoPiDY7ONCWQgSkpKSkqmoyMS5ZGu3ru6AXJiBgUkQ72bQSnj00xgSlffelSCPeRMm8AiNXoSjrzWEt22Eos7q1OddOL5G6VRzCwZHqE9MaCcP7-I7dzUmgAAAA
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1704418134!minutemedia,1704418122
.adnxs.com/ Name: XANDR_PANID
Value: TfpC55gIsGlBbI4ULRwP3FbcHZP8Fn8gi7IbU_0V3zmrp0o5b9dv14v2f_slc2QnpCDWaeTBUVZ2ApXmkZkytzGZw59aVG-pzWHoWymLwfs.
.adnxs.com/ Name: anj
Value: dTM7k!M416gjZ%3ghqdmU(5=wrF5uD!]tb[8bhzs#DNB/f'<eH7^I$/)M4RJj3K0'TBn5lC)D`tEHS'a=5o^[=7SZtQQ9se[Ro:%H3SY=<QHJ6IQx:>IA+GG:Vd[p<#2bbAr42PKzyGsOCG99E1)n-Q(HcfUqHIbV5CmaV`Xa7AF_U3Vu2z$W>MYunr:mbGsCw.W:a7UYrpy5E0XH%3m)c5jEA[-6'9>>4#oh'00AvIn'j<r(pF9m-4)6e]*TJAB.4DF@PVCkTFlgw^DpQe55MaJP)j.gpUA6N
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiZmQyMWVlYjAtNGU0OS00YTFjLWJlOTUtYzkzZmQyZDg0OTUzIiwiZXhwaXJlcyI6IjIwMjQtMDQtMDRUMDE6Mjg6MzZaIn0sInJ1Ymljb24iOnsidWlkIjoiTFFaWUo3WTUtMjgtSjJIOSIsImV4cGlyZXMiOiIyMDI0LTA0LTA0VDAxOjI4OjM4WiJ9LCJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIyNjg3MDU2NDExMTU1NDQ5ODI3Nzg4IiwiZXhwaXJlcyI6IjIwMjQtMDQtMDRUMDE6Mjg6NDBaIn0sIm9wZW54Ijp7InVpZCI6IjdmYTNmNWRiLWY1MjYtNGFhZC04NTg0LTNiYmNhYzY2ZGI3MyIsImV4cGlyZXMiOiIyMDI0LTA0LTA0VDAxOjI4OjUxWiJ9LCJ5aWVsZG1vIjp7InVpZCI6IlZFSXpuZmZERHpmMW5CN2lUTUlfIiwiZXhwaXJlcyI6IjIwMjQtMDQtMDRUMDE6Mjg6NTRaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDEtMDVUMDE6Mjg6MzZaIn0=
.ads.yieldmo.com/ Name: re_sync
Value: rc%3D1184463%7Cunl%3D1184463%7Cc%3D1184463%7Ctapad%3D1184463%7Cdv360%3D1184463
.openx.net/ Name: pd
Value: v2|1704418111.8.12.3|iKvPvMgakWgy.wvmmbwuYwDwtvJeShEgKwrg2f8wiwI.g6fYn8mKvuvR.hAvZnof4csoq

278 Console Messages

Source Level URL
Text
security warning URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js(Line 16)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://p.ad.gt/api/v1/p/251
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js(Line 1)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://ex.ingage.tech/v1/sync/risecodes/b9e8126a-a546-48ae-9dc7-dd9b2e497b11?uid=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D486214773fce3e9d%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://auth.instiengage.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://travel.payvibe.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs-server-s2s.yellowblue.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssum-sec.casalemedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.teads.tv').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imprchmp.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ch-match.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.us.e-planning.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://auth.instiengage.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://travel.payvibe.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs-server-s2s.yellowblue.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssum-sec.casalemedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.teads.tv').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imprchmp.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ch-match.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.us.e-planning.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://auth.instiengage.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://travel.payvibe.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs-server-s2s.yellowblue.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssum-sec.casalemedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.teads.tv').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imprchmp.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ch-match.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.us.e-planning.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://auth.instiengage.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://travel.payvibe.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs-server-s2s.yellowblue.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssum-sec.casalemedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.teads.tv').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imprchmp.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ch-match.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.us.e-planning.net').
network error URL: https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=486214773fce3e9d
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20A0864502-06A0-4ED8-A79E-7CD263E71299&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://p2.gcprivacy.com/v3/id/xandr?id=7386633197929965226&gcid=e2c5298f-8591-4c8b-899c-ce392e353523
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=18445aa0-e386-4b70-9d8c-7acd2fb9de4c
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.staradvertiser.com&e=27&uid=fd21eeb0-4e49-4a1c-be95-c93fd2d84953(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
network error URL: https://a.usbrowserspeed.com/cs?pid=c7e3ce26eaec570ef329be40aeaf9cabc7b01d37dd37b285d3b98cf19a2e21bb&puid=742cc7d7-b8cd-4642-8528-e3ee92cfebe3&r=https%3A%2F%2Faggle.net%2Fjs%3Fpid%3DOS45X5SNC%0A
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06132730
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://match.prod.bidr.io/cookie-sync/ro?rndcb=8538124443
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://serverf5.idsyncmxedge.com/RegistroSyncHE-web/RegistroIDSyncHE?input=18445aa0-e386-4b70-9d8c-7acd2fb9de4c&type=4&sitename=rt
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://digikulture-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.richaudience.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.yieldmo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.adtelligent.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.adtelligent.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('null').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smilewanted.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://auth.instiengage.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://travel.payvibe.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs-server-s2s.yellowblue.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://de.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssum-sec.casalemedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.teads.tv').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imprchmp.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ch-match.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.us.e-planning.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ch-match.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.staradvertiser.com').
network error URL: https://sync.lunamedia.live/psync?t=s&e=255&cb=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001875%26dspCookie%3D%25USER_ID%25%26gdpr%3D0%26gdpr_consent%3D[GDPR_CONSENT]
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: https://match.prod.bidr.io/cookie-sync/ro?rndcb=2635782203
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D44917234a27bfa53%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=770043a8-af77-46db-9a99-c38ce904d888
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

046a091225a5819d3f1976106a9b5d71.safeframe.googlesyndication.com
33across-match.dotomi.com
77a58fa2c0a26bdeb5b10a4231f4b6ea.safeframe.googlesyndication.com
a.ad.gt
a.audrte.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a.usbrowserspeed.com
a4p.adpartner.pro
aa.agkn.com
aamcf.aamsitecertifier.com
aamcftag.aamsitecertifier.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
adclick.g.doubleclick.net
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.criteo.com
ads.us.e-planning.net
ads.yieldmo.com
adx2.adform.net
aggle.net
ajax.googleapis.com
amazon-tam-match.dotomi.com
americanhometownmedia.com
analytics.google.com
analyticssystems.net
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api-2-0.spot.im
api.assertcom.de
api.btloader.com
api.fouanalytics.com
api.payvibe.com
api.retargetly.com
api.rlcdn.com
app.retargetly.com
assets.a-mo.net
at.teads.tv
ats.rlcdn.com
auth.instiengage.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bpi.rtactivate.com
btloader.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c3.a-mo.net
capi.connatix.com
casale-match.dotomi.com
cat.hbwrapper.com
cat.va.us.criteo.com
cdn-ima.33across.com
cdn-p.cityspark.com
cdn.cityspark.com
cdn.confiant-integrations.net
cdn.firstimpression.io
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.materialdesignicons.com
cdn.polyfill.io
cdn.taboola.com
cdn59755463.blazingcdn.net
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
ced-ns.sascdn.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
cloudflare.com
cm-x.mgid.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cms-xch-chicago.33across.com
cms.analytics.yahoo.com
cms.instiengage.com
cms.quantserve.com
config.aps.amazon-adsystem.com
content.jwplatform.com
contextual.media.net
cookies.nextmillmedia.com
core.iprom.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
cs.admanmedia.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
cs.mobfox.com
cs.seedtag.com
cs.smartssp.iqzone.com
cs.yellowblue.io
csi.gstatic.com
csm.us.criteo.net
csync.loopme.me
csync.smartadserver.com
csync.smilewanted.com
cti.w55c.net
d.adroll.com
d.turn.com
d29xw9s9x32j3w.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
data.adsrvr.org
de.tynt.com
demand.qortex.ai
digikulture-d.openx.net
dis.criteo.com
dis.eu.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
embed.sendtonews.com
embedcdn.sendtonews.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
event.hgrtb.com
event.insticator.com
event.instiengage.com
events-ssc.33across.com
events.qortex.ai
ex.ingage.tech
exchange.mediavine.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
ghb.adtelligent.com
gocm.c.appier.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
grid.bidswitch.net
gtrace.mediago.io
gum.criteo.com
gw-iad-bid.ymmobi.com
hb.brainlyads.com
hb.minutemedia-prebid.com
hb.undertone.com
hb.yahoo.net
hb.yellowblue.io
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.kissmetrics.io
i.liadm.com
i.w55c.net
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id.rlcdn.com
id.rtb.mx
id.sv.rkdms.com
id5-sync.com
idpix.media6degrees.com
ids.ad.gt
idsync.rlcdn.com
idsyncmxedge.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageproxy.us.criteo.net
images.taboola.com
imasdk.googleapis.com
imprchmp.taboola.com
increaserev.com
insticator-d.openx.net
inv-nets.admixer.net
io.narrative.io
ipac.ctnsnet.com
jadserve.postrelease.com
jelly.mdhv.io
js-sec.indexww.com
js.matheranalytics.com
jxgdqbxdiycfimegq.ay.delivery
knottyswing.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
live.rezync.com
load77.exelator.com
loadm.exelator.com
lockerdome.com
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.sync.ad.cpe.dotomi.com
matching.truffle.bid
maxcdn.bootstrapcdn.com
mp.4dex.io
mug.criteo.com
mweb.ck.inmobi.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
openx2-match.dotomi.com
origami.secure.ownlocal.com
ow.pubmatic.com
oxp.mxptint.net
p.ad.gt
p.adsymptotic.com
p.cpx.to
p.gcprivacy.com
p.rfihub.com
p.typekit.net
p2.gcprivacy.com
pagead2.googlesyndication.com
partner.mediawallahscript.com
pdp-cdn.retargetly.com
pdp-service.retargetly.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixel.zprk.io
pixels.ad.gt
player.sendtonews.com
pm.w55c.net
pmp.mxptint.net
polyfill.io
pool.admedo.com
powerad.ai
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-s2s.media.net
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.smilewanted.com
proc.ad.cpe.dotomi.com
product.instiengage.com
protected-by.clarium.io
ps.eyeota.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
pxl.iqm.com
r.bidswitch.net
r.casalemedia.com
r3---sn-q4fzen7e.c.2mdn.net
rbp.mxptint.net
rcp.c.appier.net
reporting.powerad.ai
retargetly-match.dotomi.com
rsms.me
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adstanding.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.om-meta.com
rtb.openx.net
rtb.va.us.criteo.com
rubicon-match.dotomi.com
rubiconcm.digitaleast.mobi
rules.quantcount.com
s.ad.smaato.net
s.adtelligent.com
s.amazon-adsystem.com
s.company-target.com
s.cpx.to
s.e-planning.net
s.ntv.io
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
s2s.t13.io
sa-media.s3.amazonaws.com
sa-media.s3.us-east-1.amazonaws.com
sb.scorecardresearch.com
scribblestring.com
script.4dex.io
scripts.kissmetrics.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
serverf5.idsyncmxedge.com
shb.richaudience.com
sid.storygize.net
simage2.pubmatic.com
simage4.pubmatic.com
smartssp-us-east.iqzone.com
snowplow.ownlocal.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
staradvertiser.wpenginepowered.com
static.adsafeprotected.com
static.anonymised.io
static.chartbeat.com
static.criteo.net
static.instiengage.com
static.smilewanted.com
stats.g.doubleclick.net
storage.googleapis.com
sync-dmp.mobtrakk.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adotmob.com
sync.adtelligent.com
sync.aniview.com
sync.aralego.com
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.e-planning.net
sync.ex.co
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.lunamedia.live
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.smartadserver.com
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync1.intentiq.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.teads.tv
tags.bluekai.com
tags.crwdcntrl.net
tags.qortex.ai
tags.w55c.net
targeting.unrulymedia.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
track.adform.net
travel.payvibe.com
trc-events.taboola.com
trc.taboola.com
triplelift-match.dotomi.com
trk.kissmetrics.io
u-iad04.e-planning.net
u.4dex.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
um4.eqads.com
ums.acuityplatform.com
unpkg.com
ups.analytics.yahoo.com
us-central1-kube-ownlocal.cloudfunctions.net
us-u.openx.net
us.creativecdn.com
us.shb-sync.com
us01.z.antigena.com
use.fontawesome.com
use.typekit.net
usersync.gumgum.com
usr.undertone.com
usync.vrtcal.com
v.clarity.ms
vid.vidoomy.com
vidstat.taboola.com
visitor-us-east-2.omnitagjs.com
visitor.omnitagjs.com
web.hb.ad.cpe.dotomi.com
widgets.outbrain.com
ws.rqtrk.eu
www.clarity.ms
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.staradvertiser.com
www.tumblr.com
x.bidswitch.net
x.dlx.addthis.com
a.usbrowserspeed.com
ad.mrtnsvr.com
ce.lijit.com
cs.smartssp.iqzone.com
ib.adnxs.com
jelly.mdhv.io
p.adsymptotic.com
pixel.rubiconproject.com
serverf5.idsyncmxedge.com
sync.adkernel.com
sync.go.sonobi.com
targeting.unrulymedia.com
100.25.25.103
100.26.123.236
104.154.142.214
104.16.80.121
104.18.36.155
104.18.38.76
104.18.41.104
104.22.68.131
104.22.69.131
104.36.115.111
104.36.115.123
107.178.250.234
107.178.254.65
108.128.207.160
108.138.66.130
108.138.85.19
108.138.85.29
124.146.153.162
13.249.39.110
13.249.39.55
13.249.39.73
13.249.42.27
13.32.151.31
13.32.151.81
130.211.23.194
131.153.242.59
134.122.57.34
138.197.60.79
138.201.8.249
139.162.117.143
141.193.213.11
141.226.124.48
141.226.224.32
141.226.224.48
141.94.171.216
141.95.98.65
142.251.163.154
143.244.208.184
147.75.195.55
15.197.179.7
15.197.193.217
151.101.1.44
151.101.129.108
151.101.193.44
151.101.194.49
159.89.246.130
16.182.72.177
162.19.138.82
172.104.105.5
172.240.127.128
172.240.155.116
172.253.115.149
172.253.63.155
172.64.151.101
172.64.152.89
172.98.26.242
172.98.26.246
173.231.184.20
174.137.133.32
178.250.7.11
18.160.10.101
18.160.10.111
18.160.10.82
18.160.18.59
18.160.46.40
18.160.46.85
18.213.141.199
18.214.54.215
18.67.65.75
184.25.146.64
184.28.44.83
184.86.146.172
184.87.56.223
185.167.164.39
185.184.10.30
185.184.8.90
192.0.77.40
192.132.33.67
192.241.157.60
192.96.203.13
195.5.165.20
198.148.27.131
199.38.167.130
20.114.189.135
20.253.86.149
2001:4860:4802:36::178
2001:4860:4802:36::36
2001:4860:4802:38::181
207.198.113.230
207.198.113.87
208.115.232.150
213.19.162.90
213.239.211.175
216.200.232.253
216.22.16.36
23.105.12.136
23.108.102.14
23.19.226.83
23.20.158.212
23.20.191.184
23.21.51.122
23.222.197.151
23.227.146.18
23.39.176.28
23.39.177.103
23.39.177.151
23.45.13.203
23.45.145.114
23.46.192.28
23.56.220.247
23.56.221.132
23.7.17.42
23.7.29.146
23.88.86.2
2400:52e0:1a00::894:1
2600:1408:c400:29::17da:da4b
2600:1408:c400:29::17da:da4d
2600:1418:a000:9::1728:6309
2600:1418:a000:9::1728:6311
2600:1901:0:328a::1
2600:1901:0:d733::1
2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff
2600:1f18:612b:4232:8e14:fb12:eab5:43f8
2600:1f18:61c0:2204:f86a:1dc2:9c08:7629
2600:1f18:765:4800:7681:18d0:4c60:ba77
2600:1f18:ed:550f:9eb9:354c:5ca7:7a69
2600:9000:2009:6c00:9:78a:e540:93a1
2600:9000:2009:7400:9:78a:e540:93a1
2600:9000:201e:3c00:1a:5235:f980:93a1
2600:9000:201e:b400:6:44e3:f8c0:93a1
2600:9000:208f:5800:13:a391:88c0:21
2600:9000:208f:f200:1c:386f:ec80:21
2600:9000:208f:f800:3:4706:a6c0:93a1
2600:9000:2269:2e00:1b:6b7d:2300:93a1
2600:9000:2305:3400:1b:5138:8a40:93a1
2600:9000:244d:2200:17:5bae:c7c0:93a1
2600:9000:24f3:3a00:18:1fcd:353:c61
2600:9000:24f4:e600:15:9da4:e200:93a1
2600:9000:24f4:f400:8:48e:53c0:93a1
2600:9000:2501:de00:17:c484:6380:93a1
2600:9000:26c1:5400:14:c3e7:6780:93a1
2600:9000:26c1:5800:1:a3fa:7cc0:93a1
2602:803:c002:200::113
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:118d
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::6816:4bd8
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:10::ac43:2954
2606:4700:10::ac43:8f4
2606:4700:20::681a:13e
2606:4700:20::681a:246
2606:4700:20::681a:3e
2606:4700:20::681a:7e
2606:4700:20::ac43:4bf1
2606:4700:3030::6815:251b
2606:4700:3038::6815:eaea
2606:4700:4400::6812:22b2
2606:4700:4400::6812:2412
2606:4700:4400::ac40:90a6
2606:4700::6810:7baf
2606:4700::6810:84e5
2606:4700::6811:180e
2606:4700::6812:18ad
2606:4700::6812:acf
2606:4700::6813:9e13
2606:4700:e2::ac40:8c0d
2606:4700:e4::ac40:a917
2606:4700:e4::ac40:ae1e
2606:ae80:1451:17::1460
2606:ae80:1471:13::730
2606:ae80:1471:16::820
2607:4f00:932::2
2607:4f00:940::2
2607:f350:3:2569:0:10:0:a
2607:f350:3:2569:0:10:0:d
2607:f8b0:4000:9::8
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::66
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c07::9a
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::8b
2607:f8b0:4004:c09::93
2607:f8b0:4004:c0b::84
2607:f8b0:4004:c0b::9c
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1b::9c
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1d::94
2607:f8b0:4004:c1d::cf
2607:f8b0:4023:1004::5e
2620:100:a001::16
2620:100:a001::18
2620:100:a001::1d
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:29:1::40
2620:1ec:c11::200
2a02:6ea0:e200::2
2a02:b48:9000::1
2a02:b48:9001::1
2a04:4e42:200::485
2a04:4e42:400::300
2a04:4e42:600::714
2a04:4e42::282
3.128.106.141
3.13.55.213
3.162.103.27
3.162.125.78
3.210.0.246
3.222.45.79
3.223.16.170
3.223.218.249
3.224.6.94
3.225.218.10
3.226.158.19
3.227.185.122
3.229.92.32
3.82.85.240
3.89.188.37
3.92.12.163
3.93.30.112
34.107.140.113
34.107.148.139
34.107.217.107
34.111.113.62
34.117.239.71
34.120.155.137
34.120.58.62
34.149.20.76
34.149.40.38
34.149.50.64
34.150.170.96
34.160.19.107
34.193.193.20
34.194.35.34
34.197.115.132
34.199.187.121
34.200.63.182
34.202.106.54
34.205.113.238
34.206.99.162
34.228.135.33
34.233.109.59
34.234.4.96
34.235.75.11
34.68.132.100
34.95.81.168
34.96.105.8
34.96.71.22
34.96.77.232
34.98.64.218
35.168.119.229
35.170.7.97
35.172.99.217
35.173.160.65
35.174.112.174
35.186.193.173
35.207.24.140
35.208.249.213
35.210.53.219
35.211.118.13
35.211.178.172
35.211.233.246
35.211.243.123
35.214.181.122
35.227.252.103
35.244.154.8
35.244.184.131
35.244.193.51
37.157.6.232
38.68.201.140
38.91.45.7
38.98.69.175
40.76.134.238
44.198.190.216
44.206.145.94
44.210.27.167
45.137.176.88
45.55.99.106
47.252.78.131
47.253.61.56
5.161.188.99
50.17.122.21
50.17.254.219
50.57.31.206
51.222.239.232
51.222.241.100
51.83.220.94
52.0.156.250
52.0.205.209
52.17.153.143
52.202.180.1
52.206.34.84
52.214.64.222
52.216.178.118
52.223.22.214
52.23.23.251
52.25.235.164
52.44.250.119
52.46.151.131
52.5.138.9
52.71.68.246
52.72.225.207
52.73.22.220
52.73.4.162
52.85.132.6
52.85.151.96
54.146.92.239
54.156.229.21
54.161.113.161
54.164.14.168
54.172.142.205
54.173.88.168
54.174.200.239
54.176.146.78
54.234.151.247
54.239.33.159
54.243.186.52
54.82.127.194
54.85.146.200
63.251.28.133
63.251.86.49
63.251.86.50
64.202.112.159
67.202.105.23
67.202.105.34
68.67.153.61
68.67.179.164
69.173.151.96
69.194.240.11
69.194.240.13
69.90.254.78
70.42.32.159
74.119.119.139
74.119.119.147
74.119.119.150
8.2.110.134
8.2.110.161
8.2.110.17
8.2.110.206
8.2.110.33
8.2.111.111
8.28.7.81
8.28.7.82
8.28.7.83
8.28.7.84
8.39.36.142
8.43.72.97
80.77.87.163
82.145.213.8
85.114.159.118
96.46.186.182
99.84.108.111
0000356872c103ec0f4b0d9aa1fa44be409307107e7204ef16856423fcc1a68e
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
00410ff787ee117aca6886699b8c1b78f9dec071e583603883f3b855e9b74b15
00cd54975d9eb21d88f1e0ef468c7cd5602ce7638538100c67d86103445bee00
012fe5f0973f4e2e709cec1d1b4acf8875d61b126ddf3082415ed78ad2ed6182
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0299f98d3a69e6794b0be9c4ca011a0b964ebb07df4e40592accf006406a85a9
02bf6a6045ffac6827063d23b3059371f0266e9b5a1a58886f3ce481014fdbf0
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880
0310012cc35defdd3648d96e05531e8c9245afc27e6f2ecf90220a0607e0e4f8
040bda449c7b5d1c35fc5b4df99c7540cf7c81e2670ce7463e4894b65c745681
042c740b9b2255d7f1273a9cd677012278c5f10b8dccf808e0894b7d51149cd3
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054bf6e0dd3f847b3c45a2898df3fdfe0b3ed188feb4982d628407d967d1cac4
0559581acf4b4d46a6cc6175fb38c93b209fec05433cd4ed7454a458433df97e
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07892e5166a4107d71e18cad4df4f60fa60f44d467f3b6f99d4231226b50ed6d
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486
07d0084f1697727f6f7f9d76c00d2ef5bdfea6824dc3c4e481fa1cb33bc6c4c7
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08fbe8bf0d9ddbc1875e4fc477fb18058930cc44211a18582cdd47d13d5d86f3
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b09bf20f7f7f38329fe07b79ede959c60dffe1cc32a95dcf22ffc3bf3ff844
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
0ae87fcd040631fed20f37175acc21a37dc4315b4fb65ca0df0b017294010eab
0aeb2e636f634270d214e57ea9b3e371376e9d23b9d90c616f7dc71b688d949e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c7f8544a2ec5c47287e9634c4777d8599a2ac0b4e67693aaf57cd28eb690a33
0cc9ffb5a22f2ea2051caacd447504c85147aa892b52dce535fabf02b32de935
0cd3b9ad07291b3884014188f6075141eca6a81a32e2a5bd1d380f29119340ae
0d8f1f9b8e65f9d96fbe68835609295fc6085dd3b1b5e05e7e45e8a6f731a940
0da2ffd388482a0d1c0df6a94df4789f161e0ea67e45d3241c0bb85fab8d4567
0e0d12ae11167b74ebe560eea6980e71ad777027d257b04f228744631682b567
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c
103128a71299d9bf3b0abf68542aa73ef96e01cb40ea65c782346527fa0b545e
10a7200ab86c6d773264e862cb00a68070b8d71c22e48619248f990604d48036
11d7b8a1dec362f1eef1b6e031ad004ac31d12df001a74e559d31108401bb58d
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
13f016fc35d3cf152e8f989d05935bb90c6d1073c83611f04e908eef09229064
147a0ddeaa33d81d7810b7cf5c80e3ec27cc324232f6afcccdcb4d274c0474b0
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
167c22266b7091f63771b3d901bd83f1b1676cb23b413373a98414d98ca3a2e8
183662677878802d158b91b359272e3410fb6afc87d421da6c237057057e741b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
186a485b57b618549bd7a5919dc7949b73692a773600e1597d916e4e2bec419f
188166a1f6d59bfdaff466215df4b4788c27d56cbc03a96314b49a99f41c6c12
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
1a5242cb262bd80d7868f099739785677f29eea40168a214a3a1449e8da8b2b6
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b51cda29b67de66c6e1f4162f1658593331aa5969277734b302718847590049
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c17d0c5b7fc2f2ab1472e2fa2d5cbfec7e927707de9583b5454a3b1b075152a
1cc87d1cb6af2a80192b4426bc37fd60a07238a8211ecf90356bee8fcc187ba8
1d54b0e8deed622a1b179a377786e60243003400bcef5105144f7bb35f87f017
1ec3aef750b84abfd4ac621fc73288227be5d56b1930dbc818e85a13aeadfcfd
1eda5a22ae0ee3edb6d629fa72ff806cbd1e54de7bafa122cd26ace6ee69679d
1f0d968838106e1d2d9f8ac88b7002f0c0db352dea74a3040bd95d83f95b98df
1f1f4ee19ab75ef54a1a25c521696df2a643c719daa47b5b3c663be22e54b397
20497d7aaf1ef817b72baaa8ff9c94dc65ed722c67abb916940bd3173155baf4
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2069952c4a2112f8318fb9df910a123fce2ab2b572c872f44866118b645cee03
20e37e12e4611f478cee696d0cdd0a32bb2ac57ea224e2f6d1398e06f422a400
20e7d4a38c2b03c680af9481fd95f8f2f717b99f5cb91946bfa8326952854267
2139ce24fb0249caba20c563f30721e410df03f7aa67d349418754b0f7afa706
224d1e91790c66709986efe276bba8880dfc374c86855cdeacb0ca52a8ef0f42
22c47ffbe21c5caa8e79dfa00fce0665be86891e5ab44a9d762c707ab4eddccc
22ec16fa85ebbbba8861f114d18a832e56adae1029d64269ebc049246f6055f1
2321505c3ded4d5839f88d0652d240ce7a84cfb3d9edf0f2245308614c0431a4
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
257aff2c45cfc355aef43caf7e30e3cd8ab18960920935384d9c732afa46b0a0
259fbed24627d02f3a630cbb6ea1dfcfde2fde9373b82b9bc8fc4c288732ddc7
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41
2831fc70c2d796eec89c48912bcc2d2fbd90525b8f5920c83d2dab8457a679bc
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081
29cc4c6275e17d792d0a6a32f7bfd5efb85bf3a94005c57a25895a3211651532
29f3a1c0cd4565b0277167096d361e171bcc442aefdc0d7475059067682abdbd
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b33513cbdfdddad5bae74f5ba3bdaaed763339ae234a6c153203368bc8d11db
2b953de94a25e639082857000970c29d7d628e8743c9f257debf84323924e83f
2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2d956eb7e6845e72d9f0507c7fbf612b68cad76e8d3b2f853bce9a4218835cfe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e260c30045f1b05617f23476acdda8b93536de9e6446b757d7334250297c489
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
2f825b6751ffb4faf1398415718f9a8eed1b939077915fd4b57960539254fd10
2fb2594dc882d1b768abb049d139510cbc49909e120ad566f0ad48170b265a8d
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
3122a2ad14078e833656ac1de950aa8a449c3705d95a21d7be14e88404baa0b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326e93192aebe45104327f15a58733bec2239d67945d6c1c0adfbb8e40a40a13
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d
334ee0fabc7c117fdb54cce96ab1e0683fc5857268ff6d82013a26ea2595620e
3372d61bb24a29b990be815fca8b7c2f37d420489dcbbc965b292422c531d99b
33adc22eef3cec210d8519cf7770e31bc9dcca9096f08bb75b2201df502f8f00
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3772aa5d9ab06b270165da73427ec3653cdcf83388fa0f20b5ce0cac5f0dbc65
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac
3cadbae170d390eb07482f947b805544aaf7a6f7f603815d9da4f7648d6945ae
3cc698fc98f1baad4d8e918d57dfd18d0e5c8db41d9aaa184f39a5e22b06669d
3d3e86ae5724d40686183fe12e439b457b641edefc2947e3bb2a6dc73d8057e2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e59c70b8f27c2134f509e56e3a1ff96677c183a550bb8f6978c375952b9c1b4
3e72ffa59a0684c988173f4ea0d75435f8ff50995c92974aa316288efe96a539
3ea9623103fc374a907e1e14edc7bff6acd097f9c0689b9200f12ddc9a9be130
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f37b850d9024e99b6015db65885cc04facc61bc50e983931fd5ec3074a169af
3f72bc478fe8bdfc0d71966f03269d1400530dc5b86bfe964e181991ba89b19c
3f9cea035234109c3ca1b29416fcc9add9063ae1b2a1fda0a2aeeec451a283e9
3fd020bbdd8f0b0036f9ae7cea4cb90083ae295c5fcc5ab906a0bf46e45038ad
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4038be920cab9a1782bc4ad34df7a2d2ff81abfb87b894f8d46c4a96f9431955
403fc8964790196476ff4e888d6e806f4099a6d573f306182b1802c1c3d9e546
40d560c34325d7512ed96d5bd7216d0cf760c7be324431153500c9bf58276426
40ea2ec74feb42d83a4916f674242bb9bddef6bde49cf59ab665ffda78dc3331
40eb4494f963b2f531935eb893e7c70b1bd4d8883ca07fde4edb042c4af11387
4105740479727a011f51285d53792c0b1c16f756fad37a877eff83054a578a65
41984f07f46ceeff01f43f3a0bb98ef77c91fa21122c9b87fb4e5fa8d8d0e194
41be2ded3a417eb7f67cddf3cd1e3fd49c1929c4152d3909f8f09318a6204005
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e8d42bd77ade5b8ac592a18e49b75cb5bd53313539c824f76798327b71e7b2
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
436e1be47b9c01206bccfa763d96419e0eb284f82640338d833fd403224f3986
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442252a52549fecdbd921da7819bd5ad4ba315ecbc5cc55a92a944f25a4ef2d2
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ef3055ed7566a5b8013ec144510f85a5920cc90de197ac8b0a2329dd86d9b3
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
482ff70e23751f4782171625b8f6342bc6c41382586633929a4b34360afe3a3a
484f92ecc4e65590cd108590603323c0f65584cb8305af6995bba74ac812de05
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a
4a2c6e2df944df207d9221529b4957d8a010369c75d9fe3863379bef02e728dd
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4b49a4a4c70d87395a46a310a9aaef413d5d2a5ff50a59df3245c65e4a404dd0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf731601c2eb22358ec29bbceb54f60d332d912c76c0efb8022255ba5adaaeb
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925
4da325f33603cea1c0fb888724333710a30f485bd6bacd5bb5c3cf094c1048f2
4dcf78b31f69c1674cb5a75cd5fd5744538b50eaf34076396d9cf54acebee6e4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f75c487ef2df0561afea906b6128325548e6b4f142f3e42eefa5c6ea0ad7948
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5004c313c6c0e1e0b4c52d9f3bdd40243c6bd8e5fffc697a45320adc9c7a8a30
5028b25c9d02b53eb0b828dd37159d5c943231d4281f2d804ca600acafd24ac7
5042d199b823eca4b8faa8a4d086f59ab36b9c91967c3f2899319e1f737b4897
525106e52fcb08749b678fbae2a2af23effe2a6a9f4d9ae23984e35fd11241ff
5270155ff4a7e8b5f899599bed68fd18e6bc5a609ca7a451371f3ae24e2380a1
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52bb57fd18280102ff97c27797d2fd0d36dfcbb0ce9560c3d9b3a092045cc143
52d7f9e1cf49f5eaf48cd5883269a98b8893c43d0b7d855b888fff9a9bc591f5
52f851ba5cfc4de1d884667d5abde023f95108f18c1f000c1cef82b395e2bf0d
53d479caefed709cfad8bad82772e42a205fdc70270b432a04f6014815668daa
54209b35085ed16f7bd576d44c27ae5ab18ae6baa9268a282b7e87bbd6e38d18
547fdd911a5d3926c771295f981018f059209b1acf25c9e5c6c67f915002fbd5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e8782d0999e75a516a20c789ed49900f306ab851e187e98d84b3ddf365840c
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5652c0dbd08f9187e4225e7938fa125bc5d57ea0ce5e7eac30d7884293321934
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57acb0c4ea5a8ea31215572f4a0c492173c207252c3547447c9e833838df8460
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5915864d6766c5bb770e9a163cbe3d3f38e334125532928c7814cc7009557d54
59ac00adbac0203a417e559dfec8694c8b6c3d4c5ece330e6834f5daab6b83d4
59bc8f9be020dd8503f13b4f0fd6a7b2792b67a6755a3b66cf5c51a76fd974b2
59ddfeb75103c8b9787ef948eeb41b42fc13ea3dc010507f9034e963806093b9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5acb6ef652ed2e4431be51d530d424a1c77f64cf98ea0fb39d89658f5ca46185
5b0faa74cc0202a762b225d773263f5cc9a8adec46a708d0684e654871e4f428
5c4ea290f86281a5798bce1391a40b1272eaf87eff7c2ed70c0a427b11e16973
5c6742dcc257520af38d525698348eef537279a9f90c05dd2197abf8853cc2f8
5c7987d2f26ca9bf8254df658877b74005f2e90d3f477eacc606e011341d8082
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5df95beb48c2a9328ce73efa2da922f8449cb281d7b22c46b2632d1f2ec96361
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60a2c0ec2e978fccb337450eb358126bba47eac9bcc6be4633fad3410e9ed62f
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
611c88820bde9b7a0c0f4f41723a325b902dd76ab2076a0ad150eb8c6a06b9ff
619562b3888faa5db65b512989585a50e3717fca9b300e64efee5d4ab35ca067
619d10e42eb4af4f148ec7cb585d5017a982e8ecd5a33b2cc55e0ecaa66efa02
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6236fce15e28a3bdfdd1f8b3a6c11c84e436ba55b1302ff9b74c092f4cdce020
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63201d52a0bc69bd34b0a46882b8d763496a30b95beb3a78606437099b2bae88
6387b0997af040b4672871a90dc87f02d385b61682b1a82c2e0c9053129cfadf
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224
65505f215e9d6c8317be522c00e041b7da5b7a22e8fb8a8d7485a76b691b16f5
664bc8ccfc5ad7b1bc1b8ab12a8d5b5b3e84e588c5ed632712ed168c47bf9750
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
66d5e835f06be29e8b5112ee84def9f11eeef96f164d624ca3ba8bd8d3e2cefe
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
682eea5c87bf67e804007deb37d6cc3e5eb7086374828b2af3edd3f3dda92da3
6934a4a5d8a7b71bb8c641bbf177884f4eca236d1420a095bf84fac479f95ba9
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
699baa2937619c2d707b5f96d43ddcabe4dec250144f56ee9680b79a59efd1fd
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
6a7cd0b48eda3c2337951e95cf3ede4ede520c13306510285d4b5dbbc18dde96
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af9cfee2e190bae079465e3c199d4cdb75f83ca0fe955b9b48f9bcc31485262
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b88007a74c504349058e7426f51eab20681dc27d871d34401cd08570e04df58
6c4cef8864c05593c811075155354b213dc7ebb1f5e63fc0326a228bd6fa2105
6c7ec13fc2e24535f0d464cc1f9a5877e1fae73a5d0d5ccdc218db8e7a15a2f9
6cc8b4c79caae0787ac82aa05fd7bd0510206b2c1fb08aa16079292057741a5d
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8
6ea2cd6ebef851c60f8dc625e1e67c26a890442f068e85c014c19cba5c6c22ad
6eafcdcd5d2c0862016a2e2dabef538f9c1f8e44a24a89d56c6b5ac89212fa04
6f91e9965607c5111d66683111171779ae0c2efdeecf66d3491bfb5f618d2e89
70c7d95a58fd161e6dfb066e3a5ef80254e7beceb438079891c490ea5e52a6dc
7183835dcf312b08d1e179a329650b3171611cf3f020abae21ae9fd9291f33b8
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
72c122620b15451a00824678bd71afa67ed964e294fbc454a2b93bcfa447daee
72d1d5ba105ef42debc52a5057b5466b44f296513ab4e89dd887410440e2bb8d
72d34c54978f207006a2ad6ebc49b37eb70e7626cc42f673cd3363db294365dc
72fda1fa4710db934229dd87e4be7d1267eb89d3e849c9d781ed768bee1d310d
73744d9b3394754670b93de4b688cda23c6a21eac763b618c0b94d254c6823c1
73fc8b08e26f9c76288a7df30b72e18ae805feaf1bbc0e90a021a9ee8146d4d3
743a9ad8ed176558e1c2eb44768c983b60475c8c8c72ec579c33c1c8226258ac
75ffa4dd5d645d2b4fe8ac365b39633b989cd8d34ef2acadfffedc71854e9aa1
76030226a4c84fea482d1973d13b167de5bc7ca74460ce8f00932b0dee7b0013
762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
774fc53f86ad35963760b5818e4b49723c85094aaf8c5191bc996f6962b279d6
77c2b24b644af6c58f913c61be5030ffd50b29c7ec6ff61cb287d45b418e0c7b
77f63d7c65a401cc35826b9f92ad512cb75d3c25f9090ca3adc2693942584986
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a96afec7985a179003f4772e26ea673464fa96cf266d64b4d3498bdfb76c934
7adee438455ce7d12a78e4fb744cd9ffbd0b6f2adceae1c7995131f09bc966ef
7b0f896395d38242a3908fca302d7b5fbaf581bab53d8745917eb4db8b33a426
7b205e88991731a228fd27cdb2f729a087290f10325d97622ca19b8376524266
7b666d5b5b9cbdf66f870c67c46aac8ae6c47da8f8d224b044c89d6528404c28
7d0e98bf6b55649ceb5eb9fc9add99d32b5a3e1bef7af78138b5ac4d82838776
7e4ce9b7c4c630dab207f35f61f28af9e646775aee2049558b311a0899de6fe0
7e69dfd995bac9daa3974277921a44b864a0210e324cafe4a3d7f463969d83eb
7e780e82913c8fec3e7f7ebee2a92ed45ed6739341bb3fd2b373604c0522a751
7eca8f3a178b262cec9619ab601c30fd9eadd270939ea066a5a22c93a2aa7b6a
7f64e1ab61580ccb1dff143032a644c2a8f8a33211e98d7f2d62d7808d7f9b64
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
815ff22a35fb6b584f35ddb3f69f00f581c941ffedbc38d9b5c9732a4a7413e8
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6
843a1c75709f7fa607e463b7002e0373ce37f1688eca6097096898925b371eb8
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
851323488d133cdb7079d240a47b96f25db7385bf99adfbbc69c1af71e688403
8585a6589f528272969053f42be4f3c6d3a1e69b4447deb36b96386a21120798
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
8636a73b9878ed61ed093aebaba886d237a65e5f2a9bacc9f1e4fe83df0f5b43
8640fab431382b238c10b7463e8f0e409ca32075df9af38116acafae902504f7
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9
874003c0763583cb8388e4f2979a7d1b26edd3d66bfa7d1565a319274c947680
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8777344a99637e24d7cc113966d881a606c442420b686a2c24405094105d454f
88f6400ca4aaae3a8014a52cf355c75f31551c46c5915407ee00706072ff1649
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9586a5c708e789646acde6bff4314e54a5851a359ef62627d5a4f3b931719a
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
8b1d8872f94436193145e8672ee2ffcc9ce622bc226f92300e5da33ff128a1e8
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d50b0ae37a9951047e754c97506df6f352cec83e026aab981819d683194c001
8dae7c3dad25611fa04cb5fa1071b678ef2250f913fa31ab8cd20e044bc331ca
8de8c07eb67b779e0c1cf1f201820ae145e0258225afb742d1c736385e8b4b03
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
90344955f5713c57fa128f295170451788c77c9f1f97473f0b34a29f1db37aa8
9064c229e377007ce5c9dae66f0c8c24c9b0dda2606feaccc10f0e72b1bfa77e
9122d35ca0b1532a344f0801f9004b862de73fe3ec70d6eb04a345cc02e8e2a3
91278effc2efd0683e1382586d5267ac73476a7491f582c759f4efc5d386e49c
91fb1a0303ee80bf55702d97c5e8f020339bde5f5fa740a4acea2be37091a188
91ff11c192717c480ffd2c9f6627e8f42751c00daaf242a48c6025f54d1d027a
92eea9cbfa384eb138b493d493dd6fb163bd77857210e16122d879e1e2bd1ef8
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523
948a6b59d56e61700382225607717c9ed6defacafbac5cf2bf57d083eca815ad
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94ddadb4fc553ae633ee72ce4eaa0713856fc4090fb3f7e27c9fb40445758896
95133d31389701ca9c8f34810522a3129d3d54a131c0c47b4cb9d3d804e709e6
96e81b0a3347993f68b10648e08dc9ec74a05b452d08dc6498967c4b46dfdbe7
9707143eaf52236d85e9d73c54997660619dedc90300315e2a2b019e84d4f6a3
98223037c7bfbf8695cafbfd041165f5d043feb38caa2b6f355d5a5523aa4eea
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
987e8343e305ad261d4bc23121ffb6117c39a5447e2e647f76856c9a29a40d6e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
999b32b8d358cace3e52cc84e999da2a60740c8df82fe2aa2b6f761477e94c60
999f5ed0e1d4d5d78f5afc1301a38c0c5d8aaffb16f511a910bf13025beaff1e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9a9acc4a36b345253c9f8dbf26d4e0094beb775176480b63ebeeadba1c1f9d3b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab409174b8e147272d2465e0665a4a454bb8d4e8b6b3fb64a6d0f3eb72bdcc9
9b091cc3c88e48640b9a667d982a9ee4248e45d346274b4270522aa12811d872
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9bfe1bbdb54edf381f3b49b277e17504e1101e48f4ab612d78ab10f240544461
9c8483a1d83cf5ab8dc44ed8bad290b6a981a00934bb783a26b81e3f6987748d
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
9ef65f1d4b3ddf07c3960a578d532f8aecd6b9d551631b2611596fb652480a9b
9f42bd1596531e9f89a68c49209c00def34e9c7ba20bcfc97df8d5005633c74a
9fba1b0797e04bb4e94dffcf9068f89e75b4fa5569dc9efcb5aa72275435457b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a9980a169c8d00f1d15cf550a0042f66830dc82087fbbd1c072e9aef393d90
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0e7bc47b2d6fca6cc50103877ff4d65ef76cdf8037c925be2ea2d33f2ede926
a115ed80640d66b81db3555d69c2854d86ff220c0e58419642ebf3ab25de8cab
a126b49ae948fa14ec7c581557adcd44377f19138c3c15759a0cadf6d2ab55fe
a1752927363c1c6d6de58b58f7749fa525fd67c1e19b8357b57962d93b844566
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2a5cf5ea7091d348a4a9294a1deb17adaa92dc33e4a67cf48e2f8735567ea1c
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a2db9dbe9e508943befef93ba539d3675a5e2c5701ce0671d5f2baab3070a116
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a380dead26703cc5cedd312e8118608fedbab12b0dadf3669560cf9d0fc1ffe0
a386b95ee6408be91dc821b3afcce5a1926add413d8d1a16a03b082f8228e3ba
a3e78c019ae8fe29db0196896a99c75ba2ece17be85133ed9a296f2251a7be29
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4c64622c6852c7245e0ad647de61ecf09ffb517637ce3b2b3d5f27b48659000
a4d6965d3266302a8fd46eb63fe0af65051f627a1b4bcba983d6579b8561dc3c
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a5703e4d983ecfe345be6d556cd51709d521ac7d3544b2715476a6736599db82
a578f223cff6aee61125a1fea42d6c578f280677ac95b6c7cee4079db9dcd6ee
a6ea5936c12e4e12b40631ac6ba4bf7f1eb97e9e1a7b4593aa2d3fe77a0855f9
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
a86bc4efae5d48911a9c9d1eb782d0323d456e209dec3bf1bb94f70398142a89
a87dab54792ca3697212f10ca3a1504a38c2c6d609612d0e3954824d2726a172
a88988c02bda9c302903cfbf6371957550308ab5156d9ad2c5094ab9e0a85103
a89436744ba49b4862462535669d5c092b795b37d9b87b3be0e6cf19c0a3765c
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
a8cc48141370dac9626dd5acaba17101a74b9b7afc54d50a70c650cb00e8e789
aa8ca82f682cc889fb3ef3e552efd4c0fbc3a09e44149463d4b1935417d8dcd2
aaf3db87f158cc8ca7d99790c12f6febc62adc030b9d7d232d05df364468b527
abecb263210036c0a1f703c5e83361e4d5e9c1b3f7b6311b9f79e04a575dcb26
abf315cef437546f1c11ddac1e7c764486ce8beb8b37ea6df5c5eb03dc0fce06
ac2397fbe331fb7cc8c5325752c4af7d6c5cb9204a1f810b89fc93c372cbdd37
acc3c4b04f19bc9067921dc3e4ce4f734521bb13b9d0c9943e8fa9585797114f
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ace2938ce7f8b7941c57653daebac67bfd4e21f2014e5b8c62e1b190c55b1e9e
acfb0c398087eda24c8c80f00dfd3f9f54a993d432abbd43b79c61b938be280d
ad23df533eb004fef51ed97db48ee9cd3dede93adc5cea4bba504c24cbff5242
ae85455ff9cb05a60539ecd4a041e1f69bab1e90dae1126ade62dfae410bf31a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c3a51954dc9824b0abed0296f94f280f96a164ad5145d7506bd27540b398eb
b5fd370d89657c7c2772c818ad007b9b56a82566f1bf2830b1dcd48cc43d8d9a
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48
bac8cfbf824211c968347626abb52b1fa52986b638d87ea2da59c2d36a461281
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2b09d3d1578d23ab316c001364d242e7353881c74f97436135499d0c354a7a
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bb6ba5e9ea1677a129cec7c8196a74507dbcf98a423093a61c384b061983d0b9
bc05239e85f475138747c2e48ebb50f775cb16f10f248f9e6590cd103bd4d697
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
bc892b20f1f0906f14007ee13282d50fa1510887c165361ee5d714413e64973b
bc8abf663e3c90d575232d827dee5eadb15cca7c6ed48e0e3a2eb2e3b86357e6
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd7726ab279110390a329b55a14d082d04f90a25aa51196728afc3641c7b9708
bd8deb77329d43d402e4fba98db488118b9146e71a68a0aad85bae8af23f7c22
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12
be086e9225341350b89cfd52373ad707a4bb2102deca062edefd4d42a4046a98
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c0d8cf0634af4ad0abaef1d597a7db715016a897629445fda9e44710a5434f3a
c1cc9655188304d60324cf42aa184bae2feac78ed46565b1194987e17028f66e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c2ef77df66b02fc9df336757aca83ab40bafe0c46be2834b865d6e73670dca87
c326ccc1689a51d7804d727ca92782455b9fd94f67eaca14cabbb71b7c8eb51e
c383092a7c9719626ffb9418e1a5845742cac61cc6cf54636c741c456c83b26a
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c6a10c3d477fcb788e9e03b79db2bee78b54224f6ec75ddecdb97727df9c0338
c6a39e6b2bb7c9edccf5eaa5d51236dcd50df650a73beb16ac62cf787a830ee0
c7338a71358a9c650b15a48d064c090a105a43495bb07789698af3bfa84a1d0c
c7ed7ef9182dc5206d1b7a8038bcfe2b57fc1be96d78b75152e9b713ca4ef2d6
c851e58c318492d4f404559ad6cb21dd7e93595cf9273ec1bec1f85a0baa7ccb
c90cb46d6459b01ab561c8ee788e7bdb5b872298455ebd0f6a4e29271d0ffbfc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb1601b118cb22a328ce403da0ce68713b837bf95dcf609cc771947566b3dfad
cb3c46ed60a76437770bf6aea538cf396e15b40793ed2dd1be113d4d125b25c2
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cc14a42fc3dcdc24b56289a3d40205874f08958e49ecc96deb22e3828c5378b6
cd5b17f46df8a60652af42b2a183820e11bb08ddf8ac525acfe1f4a7be9d4984
ce57bbe0c9c5f3a01c6c4e9c7a1e83f7703df9578a55ac9ab19b72ebc1fc61ee
cecb78b37d91ce43c90d5dfa9c5140d25e7c50c72d3ec7136bdd5d8c71d10fe6
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
cf3c71fbd3d13cd3d485e6bca01d03807c314bf44cb5732e80796bfcdb20961b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0a169f5ea995a0448231d4c9a4cf1809bfa7089d6b6cfc8b085752bb6d968d0
d0b9c05ce31708c1061e034b60c217a0d35afd201434c06d03ba5b20a19cee4d
d0bc9a339b66ab78582f3d4e03c0de404fcfdb87d899a850fcf0ffeedc65d7e4
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0cb9380a208e4cddf7a93ed4ad2f7468ccc54958a3645af896ada3ad7c93c91
d0cf1fcf3f8e456902035d1649158993c3b0dc41a11dd33b05fec0efc675d4c8
d103864d83c571ba3b0e76fc414263a4807e54e221a72b4a5226dc12d96e8521
d114053b0734a32984149e572c5886d065dfe4bcc4c0ab76334dcc6d3662ccc5
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d177fb9d7629d5934c57175f0806c0247153c88279ab8c6868a0afa20f347e88
d191df126d7910f3786c5448ee14ee53c8eac9324c0a14450270b13fb8286c7b
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23
d2645456cb5c5ea8a32c52d8b2a2313d2b32656d99d2583551fd6386ad652e6c
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d3e3df2f51e6a24bfeb9dea74be4bc725febbbe204b6d142a962b8b20bfb18ed
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26
d48838c5cb12eedc7ddecf68684fdf8a6692818d80bbfb86437d7f4e2d0ad1c6
d4c38f07000ca13625e0f2d6ea9d9eacfab8f2c435b6321a3dc19035d0258e84
d54f50939666738335f3019a76e6013715f287c9c93e41b1c890173c28c1fa26
d5584c3f1652b98a9c22ebdb8c659173665a581ff3482b3b0d78fa5879542b54
d5beb7bba5c75858816b11c8580fdd3bcf604e93a79530e1654c9beae6415b8c
d5c34b347e0993a34b7cb0540222e6a9274a4d23696aaacaa9ce199d890410fc
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc
d6e1781382459617527de45bb7cadc805553e724a72d42bc74e9afde62dec85f
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d736fec3d1a498edce6b14b45338525830abcd0a102b488d453441ea949fecfb
d7a55c8306ab061ce5580e54de10b733f0531c68c7951e074795a3c809ed530d
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a2077c74530c11a701de2b7637691f24b06c67638a29944b67a0205e859475
d9efe51d4c7d92f6496345559880469c04cd7ab24915ed5bd29bf1a6d95501a4
da60b8624ed3187fd7bb43353bd93cf0f90fc106b077c2174f26f9c4c2495cdb
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
db08d5493654d865ad6fadcdc456bb613e503a715a5c3d181a07f6552b0ef0de
db1fc237470c723b46265bc0ed2f222b6f9d239f2dd7c6a89e5f1c4fadc04c91
db474dcae6035d74edd4ebc274e72dfd03922a986af20695b13e292c817b78c7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0f92add06ef2856ff0e4e8c41f38aca95a9f00cac3e770bd2f1effe8ba6bc8
dd58ecb208f99270f46c7f9814f22bb6b69c878e3b90beb637422a2a4998e35f
dd68d9f527d4ecda69f14611874f498dfe40b7fac3b1cd198bfbda76dcd432cc
de0034d2770e6ed0f0ed0977cd9448c0580d0817a6d13002c2b75da4c915ae63
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df20d6a696c00699cbf5d87094feb2b052ef949d3c1da0d261809e04b782394c
df4ce8dacc898179c65f813e4b84c94a28cc5df0c6e5d681c80a742f93c60f74
e04a56ad7a9b4d9ff57c4ba0203045adbbb08341e6e629a352be098dc54623a4
e07574273bf2047f5015ff4e6e05db588b780e1d2c04dad6e2d3b03e1170d4ff
e0a0c384222d54f5ef5078e845f601bce1377ce545b2541874f82711c8e56fb2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1bb93212595f410e0d69a4f0a1142cf46152d21b8e7800a7d1ad099dd56eb37
e21905907ebc8b9e9b699bf737d869dbeee6d57395af684dfd471bdc85711a10
e26ca0f600387df2f74171d52a5452fc0afb33fdc09b493ab1078dac068dda5d
e2d9873665b253d82363533546fc42d0f280acd1608ff0d530e248991a0659fa
e33e4c5c9c5b8b2830989b944098cfed9a45345254139e0c6a2208ecb0bdd735
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41aa3cb652441cc377ec167263d67889c034c3fbfd9613ea5fcc45224f392a6
e438e5c73cd690022c1729ce8beec8bfeb691d901b13159ace72f50eea75168f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5ae33e21ae28a09562a1f83306aa093ea1b08266839edf50a3a5ca3520476cf
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d
e6431127cdec75a96283b575168ecc20cf700b8c4a3ef40dfb4bb741a1a79d52
e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ea396e5fee2844b8aedd5ec2180faa7536df06eb16301936dcf1d74e09e2d3e1
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
ecb740996ce05e9b7823c9690564a0d7b3840becad640d37e929cd4f4ee1cdf4
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed3c509e79b1db66a421f9a82c3c0be8af6733b2c4fc0a80b6f6b9521bc7b91b
edca2a1c73b32af9fa0bcd22f2863b727ae81863885e83b8486b74612faa9deb
ee22401aef67fb6ec777ab4bd863f43550ddec1fc5f9bef29f01934836ef889f
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
eed615ef950e3225345588fb22a83966c8b754d506339f12172811cb4a0625d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f098994becd6270ce7bf67f6abc784ba16163757bddf5fe8b8bf548679c37ee1
f0c883d492e1f30ead795b1a819a7dfd5485dbe25a8e2e61ca6358c38ac6e0b7
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
f2ac765523f05c26a3b51f6f34cc4a112262cb125c5cc4452d1cc66524f8cf96
f2f6b277b21f7a9a31905486c4aa8a7c34aad08d798779a3ae7af13555402f0d
f3b00547ca3ae94fd6614c6d99d06296211abbe1bb5d2b7d7ef64500a3e50978
f3f8389488adb5ce620031349c57955ed961b44496372bb0f59fbd09a506d752
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d641efa4e5df993502fd85ce365108308eb74fc4a94dfa1082f17a993c237f
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
f88ce80c046186ec6091f3f736524a2a44a21ab4d5989161cfdbf8896e5836d2
fa8d91fc3ee3216f2e7f774e5d07bebdfc1db53c94224be95514a4588179cdfa
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb77c92719b3dc0571048e1248dc889b03afb307d9bb28d54b4610588fb87718
fca1b23045b6c777d30be22aea1e625ed8240bbc298886c7f3c1fce209ebbac2
fce34a2a2c349660263a2a783d95204d1abfb230be895e86b682c3be276fd5e0
fd0eeefd9e804c4919b83d88ffd9b87691d5455706d124704d46e8ca66ebac4a
fd645c33a5dcb38ca3f60ca3b6c7d8fef4bf1fce6b0c7598220117a9bab88b7a
fe996ded19f3c853cd2ee96939b984adb1ef8c2da36b2a26811cae1c46fdb886
feb152f30c9e17b6549f125c529114698a6fba2425827ee1a52ba6448d6181f1