urlscan.io logo urlscan.io
SecurityTrails logo

slate.com Open in urlscan Pro
151.101.130.133  Public Scan

Go To Rescan Add Verdict Report
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Submission: On May 01 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 118 IPs in 10 countries across 111 domains to perform 590 HTTP transactions. The main IP is 151.101.130.133, located in United States and belongs to FASTLY, US. The main domain is slate.com. The Cisco Umbrella rank of the primary domain is 32205.
TLS certificate: Issued by R3 on April 5th 2023. Valid for: 3 months.
This is the only time slate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 151.101.130.133 54113 (FASTLY)
3 151.101.194.133 54113 (FASTLY)
8 2606:4700::68... 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
3 143.204.151.99 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
43 151.101.65.44 54113 (FASTLY)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 6 108.138.106.43 16509 (AMAZON-02)
3 5 2620:116:800b... 14618 (AMAZON-AES)
1 18.164.115.48 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.164.116.28 16509 (AMAZON-02)
1 2600:9000:21d... 16509 (AMAZON-02)
2 54.230.243.220 16509 (AMAZON-02)
1 2602:803:c002... 26667 (RUBICONPR...)
2 107.21.144.28 14618 (AMAZON-AES)
2 104.18.25.185 13335 (CLOUDFLAR...)
7 12 68.67.181.211 29990 (ASN-APPNEX)
2 199.250.161.129 26459 (TTD-ASN-01)
5 21 35.244.159.8 15169 (GOOGLE)
2 35.173.167.165 14618 (AMAZON-AES)
2 2620:100:a001... 19750 (AS-CRITEO)
1 23.57.131.233 16625 (AKAMAI-AS)
2 52.54.34.85 14618 (AMAZON-AES)
1 52.85.61.61 16509 (AMAZON-02)
1 3 2620:100:a001::c 19750 (AS-CRITEO)
1 104.36.115.111 62713 (AS-PUBMATIC)
4 2600:141b:900... 20940 (AKAMAI-ASN1)
2 24 209.54.182.161 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.124.50 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 54.192.161.188 16509 (AMAZON-02)
2 104.19.150.54 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 209.54.180.72 16509 (AMAZON-02)
1 51.222.39.186 16276 (OVH)
1 52.205.167.202 14618 (AMAZON-AES)
1 35.168.31.100 14618 (AMAZON-AES)
1 35.241.9.51 15169 (GOOGLE)
13 34.107.254.252 396982 (GOOGLE-CL...)
1 34.226.224.89 14618 (AMAZON-AES)
2 24 192.40.39.223 27381 (CASALE-MEDIA)
4 99.84.37.28 16509 (AMAZON-02)
1 1 199.187.193.197 47043 (SMARTADSE...)
1 1 20.127.253.7 8075 (MICROSOFT...)
10 10 141.95.33.111 16276 (OVH)
4 9 3.225.70.135 14618 (AMAZON-AES)
4 23.54.68.197 16625 (AKAMAI-AS)
1 7 104.127.172.242 16625 (AKAMAI-AS)
3 7 198.148.27.139 19189 (PULSEPOINT)
4 6 34.200.65.202 14618 (AMAZON-AES)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 23.92.190.68 32475 (SINGLEHOP...)
1 7 63.251.86.49 10913 (INTERNAP-BLK)
6 24 35.71.139.29 16509 (AMAZON-02)
5 9 2600:1f18:4e9... 14618 (AMAZON-AES)
14 14 35.71.131.137 16509 (AMAZON-02)
17 26 172.217.165.130 15169 (GOOGLE)
20 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 4 68.67.179.153 29990 (ASN-APPNEX)
1 20 54.87.127.173 14618 (AMAZON-AES)
14 14 35.211.178.172 15169 (GOOGLE)
2 2 35.211.233.246 15169 (GOOGLE)
3 4 64.202.112.127 23352 (SERVERCEN...)
2 2 8.43.72.97 26667 (RUBICONPR...)
2 2 54.86.165.56 14618 (AMAZON-AES)
2 2 52.3.14.118 14618 (AMAZON-AES)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
1 2 38.91.45.7 398989 (DEEPINTENT)
8 8 64.202.112.63 22075 (AS-OUTBRAIN)
4 4 104.72.156.219 16625 (AKAMAI-AS)
2 2 34.225.9.104 14618 (AMAZON-AES)
1 2 199.187.193.177 47043 (SMARTADSE...)
6 6 2606:ae80:147... 25751 (VALUECLICK)
2 86.109.7.56 54825 (PACKET)
1 52.94.233.131 16509 (AMAZON-02)
2 151.101.65.108 54113 (FASTLY)
2 151.101.193.108 54113 (FASTLY)
9 12 69.173.151.100 26667 (RUBICONPR...)
4 4 216.200.232.253 30419 (MEDIAMATH...)
1 174.137.133.32 27257 (WEBAIR-IN...)
5 6 151.101.2.49 54113 (FASTLY)
2 2 124.146.215.42 2514 (INFOSPHER...)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.214.153.92 15169 (GOOGLE)
3 3 34.170.123.2 396982 (GOOGLE-CL...)
1 1 51.68.39.188 16276 (OVH)
1 1 80.77.87.163 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 5 8.28.7.81 62713 (AS-PUBMATIC)
1 2 34.200.84.78 14618 (AMAZON-AES)
3 145.40.89.32 54825 (PACKET)
3 54.230.163.71 16509 (AMAZON-02)
4 68.67.153.38 29990 (ASN-APPNEX)
2 108.139.29.93 16509 (AMAZON-02)
3 5 35.208.249.213 19527 (GOOGLE-2)
7 68.67.160.24 29990 (ASN-APPNEX)
4 22 141.226.224.48 200478 (TABOOLA-AS)
1 52.94.223.37 16509 (AMAZON-02)
3 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 199.38.167.130 54312 (ROCKETFUEL)
2 23 8.28.7.83 62713 (AS-PUBMATIC)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 2 3.229.9.249 14618 (AMAZON-AES)
4 4 2620:112:f002... 6336 (TURN-US-ASN)
4 35.165.93.196 16509 (AMAZON-02)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
5 2607:f8b0:400... 15169 (GOOGLE)
2 108.139.29.12 16509 (AMAZON-02)
1 74.119.119.139 19750 (AS-CRITEO)
2 151.101.129.44 54113 (FASTLY)
1 4 2600:1f18:612... 14618 (AMAZON-AES)
2 6 63.251.28.234 13789 (INTERNAP-...)
2 2600:1400:900... 20940 (AKAMAI-ASN1)
98 2600:1f18:612... 14618 (AMAZON-AES)
2 2 3.121.62.79 16509 (AMAZON-02)
1 2 199.187.193.179 47043 (SMARTADSE...)
2 2 74.119.119.150 19750 (AS-CRITEO)
1 1 69.166.1.12 27630 (AS-XFERNET)
2 2 50.57.31.206 19994 (RACKSPACE)
3 3 185.167.164.37 198622 (ADFORM)
2 2 35.207.24.140 15169 (GOOGLE)
1 82.145.213.8 39832 (NO-OPERA)
1 141.226.230.50 200478 (TABOOLA-AS)
3 8.28.7.84 62713 (AS-PUBMATIC)
6 6 3.225.186.40 14618 (AMAZON-AES)
1 1 173.231.178.83 32475 (SINGLEHOP...)
1 34.230.139.137 14618 (AMAZON-AES)
1 34.202.144.192 14618 (AMAZON-AES)
1 52.210.233.165 16509 (AMAZON-02)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 34.120.155.137 396982 (GOOGLE-CL...)
4 104.18.11.47 13335 (CLOUDFLAR...)
1 1 34.236.196.225 14618 (AMAZON-AES)
1 35.169.95.213 14618 (AMAZON-AES)
4 7 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
4 4 52.5.155.111 14618 (AMAZON-AES)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2600:1f18:61c... 14618 (AMAZON-AES)
1 2 54.200.52.185 16509 (AMAZON-02)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 44.208.104.156 14618 (AMAZON-AES)
1 2 18.233.122.89 14618 (AMAZON-AES)
1 2 18.204.65.232 14618 (AMAZON-AES)
1 3.217.59.85 14618 (AMAZON-AES)
2 2 207.198.113.86 13768 (COGECO-PEER1)
1 184.73.158.115 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
590 118
22    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
slate.com
3    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
compote.slate.com
8    2606:4700::6813:bb61 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
9    2607:f8b0:4006:807::2002 (New York, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    143.204.151.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-151-99.ewr52.r.cloudfront.net
c.amazon-adsystem.com
2    2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
43    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
widget.perfectmarket.com
pm-widget.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprnjmp.taboola.com
wf.taboola.com
vidstatb.taboola.com
match.taboola.com
3    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    108.138.106.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-43.jfk50.r.cloudfront.net
sb.scorecardresearch.com
5    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    18.164.115.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-115-48.jfk50.r.cloudfront.net
cdn.amplitude.com
1    2606:4700:3033::ac43:c63c (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
10    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
id.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
3    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    18.164.116.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-28.jfk50.r.cloudfront.net
ats-wrapper.privacymanager.io
1    2600:9000:21dd:d800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    54.230.243.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-243-220.ewr53.r.cloudfront.net
aax.amazon-adsystem.com
1    2602:803:c002:200::113 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    107.21.144.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-144-28.compute-1.amazonaws.com
tlx.3lift.com
2    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
12    68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)
direct.adsrvr.org
21    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
slate-d.openx.net
u.openx.net
us-u.openx.net
taboola-d.openx.net
2    35.173.167.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-167-165.compute-1.amazonaws.com
krk.kargo.com
2    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    23.57.131.233 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-131-233.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    52.54.34.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-34-85.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    52.85.61.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-61.ewr53.r.cloudfront.net
geo.privacymanager.io
3    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    2600:141b:9000:49b::268b (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
24    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2607:f8b0:4006:81f::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
4    2607:f8b0:4006:80e::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
www.googletagservices.com
4    2607:f8b0:4006:821::2001 (New York, United States)

ASN15169 (GOOGLE, US)
194dc8bc3de6f7266f5cc8ec065a9c4f.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    18.164.124.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-50.jfk50.r.cloudfront.net
fpa-cdn.slate.com
1    2607:f8b0:4006:80d::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    54.192.161.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-161-188.ewr53.r.cloudfront.net
z-na.amazon-adsystem.com
2    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
1    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    209.54.180.72 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
1    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
1    52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com
p1.parsely.com
1    35.168.31.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-31-100.compute-1.amazonaws.com
fpa-events.slate.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co
13    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    34.226.224.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-224-89.compute-1.amazonaws.com
rtb.gumgum.com
24    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
4    99.84.37.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-28.ewr52.r.cloudfront.net
ms-cookie-sync.presage.io
1    199.187.193.197 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
10    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
9    3.225.70.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-70-135.compute-1.amazonaws.com
match.sharethrough.com
4    23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
7    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
6    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
8    2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
2    23.92.190.68 (Charlotte, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
7    63.251.86.49 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
24    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
9    2600:1f18:4e9:5a02:3829:a14e:8be6:e46f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
14    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
26    172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f2.1e100.net
cm.g.doubleclick.net
20    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2607:f8b0:4006:817::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:81f::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.ca
4    68.67.179.153 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
20    54.87.127.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-127-173.compute-1.amazonaws.com
usersync.gumgum.com
14    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
4    64.202.112.127 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    54.86.165.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-165-56.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.3.14.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-14-118.compute-1.amazonaws.com
sync.ipredictive.com
2    2603:c020:400d:3000:67b7:1059:7283:c690 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
8    64.202.112.63 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    104.72.156.219 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-72-156-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    34.225.9.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-9-104.compute-1.amazonaws.com
ad.360yield.com
2    199.187.193.177 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
6    2606:ae80:1471:13::730 (United States)

ASN25751 (VALUECLICK, US)
pulsepoint-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
2    86.109.7.56 (Ashburn, United States)

ASN54825 (PACKET, US)
api.cxense.com
1    52.94.233.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
fls-na.amazon-adsystem.com
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
dcdn.adnxs.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
12    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
4    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
6    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    124.146.215.42 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
3    34.170.123.2 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 2.123.170.34.bc.googleusercontent.com
um.simpli.fi
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
5    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    34.200.84.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-84-78.compute-1.amazonaws.com
um2.eqads.com
3    145.40.89.32 (Ashburn, United States)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
3    54.230.163.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-71.ewr53.r.cloudfront.net
tagan.adlightning.com
4    68.67.153.38 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: shftr-nym2.adnexus.net
shftr.adnxs.net
2    108.139.29.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-93.jfk50.r.cloudfront.net
choices.trustarc.com
5    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
7    68.67.160.24 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
22    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
us-trc-events.taboola.com
us-vid-events.taboola.com
us-match.taboola.com
sync.taboola.com
sync-t1.taboola.com
us-wf.taboola.com
1    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
23    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    3.229.9.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-9-249.compute-1.amazonaws.com
thrtle.com
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    35.165.93.196 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-93-196.us-west-2.compute.amazonaws.com
api2.amplitude.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    2607:f8b0:4006:81c::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    108.139.29.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-12.jfk50.r.cloudfront.net
check.analytics.rlcdn.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
4    2600:1f18:612b:4280:7c71:c298:8e44:b36d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
gklfs-x8k98.ads.tremorhub.com
jzwjq.ads.tremorhub.com
6    63.251.28.234 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
2    2600:1400:9000::687e:7751 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.stickyadstv.com
98    2600:1f18:612b:4280:baf7:3cd7:4992:8956 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
2    3.121.62.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-62-79.eu-central-1.compute.amazonaws.com
ih.adscale.de
2    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
3    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
3    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
6    3.225.186.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-186-40.compute-1.amazonaws.com
match.prod.bidr.io
1    173.231.178.83 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    34.230.139.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-139-137.compute-1.amazonaws.com
crb.kargo.com
1    34.202.144.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-144-192.compute-1.amazonaws.com
sync.bfmio.com
1    52.210.233.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-233-165.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
2    2604:9e00:1:129::2:a01 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.marketiq.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
4    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    34.236.196.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-196-225.compute-1.amazonaws.com
usermatch.krxd.net
1    35.169.95.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-95-213.compute-1.amazonaws.com
beacon.krxd.net
7    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
4    52.5.155.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-155-111.compute-1.amazonaws.com
ads.creative-serving.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2600:1f18:61c0:2205:db82:6d3d:b70e:446a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
2    54.200.52.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-52-185.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    44.208.104.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-104-156.compute-1.amazonaws.com
pm.w55c.net
2    18.233.122.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-122-89.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    18.204.65.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-65-232.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    3.217.59.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-59-85.compute-1.amazonaws.com
bpi.rtactivate.com
2    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    184.73.158.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-158-115.compute-1.amazonaws.com
rtb.adentifi.com
2    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
Apex Domain
Subdomains		 Transfer
102 tremorhub.com
gklfs-x8k98.ads.tremorhub.com — Cisco Umbrella Rank: 16872
partners.tremorhub.com — Cisco Umbrella Rank: 1698
jzwjq.ads.tremorhub.com — Cisco Umbrella Rank: 33115
77 KB
67 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1073
pm-widget.taboola.com — Cisco Umbrella Rank: 32181
trc.taboola.com — Cisco Umbrella Rank: 839
vidstat.taboola.com — Cisco Umbrella Rank: 3230
us-trc-events.taboola.com — Cisco Umbrella Rank: 7410
images.taboola.com — Cisco Umbrella Rank: 2116
imprnjmp.taboola.com — Cisco Umbrella Rank: 10864
us-vid-events.taboola.com — Cisco Umbrella Rank: 10373
us-match.taboola.com — Cisco Umbrella Rank: 11393
wf.taboola.com — Cisco Umbrella Rank: 3426
vidstatb.taboola.com — Cisco Umbrella Rank: 8495
sync.taboola.com — Cisco Umbrella Rank: 1356
sync-t1.taboola.com — Cisco Umbrella Rank: 1472
match.taboola.com — Cisco Umbrella Rank: 7625
pips.taboola.com — Cisco Umbrella Rank: 1900
cds.taboola.com — Cisco Umbrella Rank: 2362
us-wf.taboola.com — Cisco Umbrella Rank: 12002
2 MB
36 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729
ads.pubmatic.com — Cisco Umbrella Rank: 725
image6.pubmatic.com — Cisco Umbrella Rank: 1037
image2.pubmatic.com — Cisco Umbrella Rank: 1377
simage2.pubmatic.com — Cisco Umbrella Rank: 976
simage4.pubmatic.com — Cisco Umbrella Rank: 1660
image4.pubmatic.com — Cisco Umbrella Rank: 1704
47 KB
36 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
172 KB
33 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
z-na.amazon-adsystem.com — Cisco Umbrella Rank: 10862
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 1246
fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 9784
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
88 KB
27 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
dcdn.adnxs.com — Cisco Umbrella Rank: 13884
cdn.adnxs.com — Cisco Umbrella Rank: 2239
nym1-ib.adnxs.com — Cisco Umbrella Rank: 2138
102 KB
27 slate.com
slate.com — Cisco Umbrella Rank: 32205
compote.slate.com — Cisco Umbrella Rank: 121664
fpa-cdn.slate.com — Cisco Umbrella Rank: 205303
fpa-events.slate.com — Cisco Umbrella Rank: 154556
636 KB
26 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 768
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
dsum.casalemedia.com — Cisco Umbrella Rank: 2284
21 KB
26 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 797
eb2.3lift.com — Cisco Umbrella Rank: 535
12 KB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
token.rubiconproject.com — Cisco Umbrella Rank: 795
42 KB
21 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2335
usersync.gumgum.com — Cisco Umbrella Rank: 2448
7 KB
21 openx.net
slate-d.openx.net — Cisco Umbrella Rank: 178744
u.openx.net — Cisco Umbrella Rank: 974
us-u.openx.net — Cisco Umbrella Rank: 707
taboola-d.openx.net — Cisco Umbrella Rank: 11819
4 KB
20 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
187 KB
18 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 9775
cdn.tinypass.com — Cisco Umbrella Rank: 7704
id.tinypass.com — Cisco Umbrella Rank: 23755
buy.tinypass.com — Cisco Umbrella Rank: 8485
api-v3.tinypass.com — Cisco Umbrella Rank: 31528
233 KB
16 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 4726
match.adsrvr.org — Cisco Umbrella Rank: 451
9 KB
15 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
7 KB
15 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3232
api.permutive.com — Cisco Umbrella Rank: 2596
144 KB
14 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
6 KB
10 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 5350
api.rlcdn.com — Cisco Umbrella Rank: 1060
id.rlcdn.com — Cisco Umbrella Rank: 1007
idsync.rlcdn.com — Cisco Umbrella Rank: 621
2 KB
10 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 612
16 KB
9 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
ce.lijit.com — Cisco Umbrella Rank: 1417
9 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
5 KB
9 googlesyndication.com
194dc8bc3de6f7266f5cc8ec065a9c4f.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
40 KB
9 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5988
api.cxense.com — Cisco Umbrella Rank: 10816
p1cluster.cxense.com — Cisco Umbrella Rank: 13497
comcluster.cxense.com — Cisco Umbrella Rank: 6880
id.cxense.com — Cisco Umbrella Rank: 11290
85 KB
8 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 829
cdn.stickyadstv.com — Cisco Umbrella Rank: 7203
142 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 813
5 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 803
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
dis.criteo.com — Cisco Umbrella Rank: 941
9 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 615
139 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
6 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
3 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
1 KB
6 dotomi.com
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 10516
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4856
casale-match.dotomi.com — Cisco Umbrella Rank: 4976
2 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
4 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 695
1 KB
5 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 2349
512 B
5 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 5678
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774
1 KB
5 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 4665
api2.amplitude.com — Cisco Umbrella Rank: 1552
22 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1478
pixel.quantserve.com — Cisco Umbrella Rank: 1327
cms.quantserve.com — Cisco Umbrella Rank: 1063
11 KB
4 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5985
3 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 958
cdn.indexww.com — Cisco Umbrella Rank: 2274
3 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
2 KB
4 adnxs.net
shftr.adnxs.net — Cisco Umbrella Rank: 5597
1 MB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
2 KB
4 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 842
2 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 987
1 KB
4 presage.io
ms-cookie-sync.presage.io — Cisco Umbrella Rank: 11790
3 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 908
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
799 B
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2985
61 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
1 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
3 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 2901
crb.kargo.com — Cisco Umbrella Rank: 2477
2 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3572
onesignal.com — Cisco Umbrella Rank: 1047
74 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
91 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 8064
967 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 985
938 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323
853 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2452
835 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
2 KB
2 bing.com
c.bing.com — Cisco Umbrella Rank: 413
953 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1156
775 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 2085
beacon.krxd.net — Cisco Umbrella Rank: 807
555 B
2 marketiq.com
rtb2-useast.marketiq.com — Cisco Umbrella Rank: 8761
766 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1505
810 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1965
1 KB
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3033
633 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
58 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2147
684 B
2 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 1283
2 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 4708
563 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 682
701 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1266
2 KB
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1939
dsp.adkernel.com — Cisco Umbrella Rank: 9072
569 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
97 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 812
647 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1528
594 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2037
4 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1318
1019 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3496
965 B
2 google.ca
adservice.google.ca — Cisco Umbrella Rank: 14238
www.google.ca — Cisco Umbrella Rank: 8003
986 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019
447 B
2 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4791
geo.privacymanager.io — Cisco Umbrella Rank: 2374
82 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 882
561 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1948
35 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 2733
109 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 4054
308 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1979
181 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 6011
390 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 4014
397 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 2570
425 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1873
592 B
1 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1332 Failed
778 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 3365
467 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1456
763 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
786 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1531
660 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 4146
561 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1427
291 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2351
622 B
1 prmutv.co
16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co — Cisco Umbrella Rank: 285631
388 B
1 parsely.com
p1.parsely.com — Cisco Umbrella Rank: 3160
257 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
149 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 7114
5 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
51 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1680
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1291
2 KB
1 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3999
2 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 9534
3 KB
590 111
Domain Requested by
98 partners.tremorhub.com vidstat.taboola.com
26 cm.g.doubleclick.net 17 redirects u.openx.net
rtb.gumgum.com
ce.lijit.com
eus.rubiconproject.com
eb2.3lift.com
24 eb2.3lift.com 6 redirects s.amazon-adsystem.com
slate.com
eb2.3lift.com
24 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
bh.contextweb.com
match.sharethrough.com
ssum-sec.casalemedia.com
ce.lijit.com
ms-cookie-sync.presage.io
eus.rubiconproject.com
ads.pubmatic.com
22 slate.com slate.com
buy.tinypass.com
20 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
20 cdnjs.cloudflare.com buy.tinypass.com
17 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
16 cdn.taboola.com slate.com
cdn.taboola.com
15 simage2.pubmatic.com 2 redirects s.amazon-adsystem.com
ads.pubmatic.com
15 us-u.openx.net 4 redirects u.openx.net
slate.com
us-u.openx.net
14 x.bidswitch.net 14 redirects
14 match.adsrvr.org 14 redirects
14 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
13 images.taboola.com slate.com
13 api.permutive.com cdn.permutive.com
12 ib.adnxs.com 7 redirects slate.com
cdn.permutive.com
11 sync.taboola.com 4 redirects
10 id5-sync.com 10 redirects
9 pr-bh.ybp.yahoo.com 5 redirects u.openx.net
ssum-sec.casalemedia.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 securepubads.g.doubleclick.net slate.com
securepubads.g.doubleclick.net
www.googletagservices.com
8 image2.pubmatic.com ads.pubmatic.com
s.amazon-adsystem.com
8 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
8 b1sync.zemanta.com 8 redirects
8 cdn.cookielaw.org slate.com
cdn.cookielaw.org
7 nym1-ib.adnxs.com slate.com
cdn.adnxs.com
7 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
7 bh.contextweb.com 3 redirects s.amazon-adsystem.com
bh.contextweb.com
6 match.prod.bidr.io 6 redirects
6 ads.stickyadstv.com 2 redirects vidstat.taboola.com
cdn.stickyadstv.com
6 sync-tm.everesttech.net 5 redirects ads.pubmatic.com
6 ups.analytics.yahoo.com 4 redirects us-u.openx.net
6 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
slate.com
6 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
rtb.gumgum.com
js-sec.indexww.com
6 sb.scorecardresearch.com 3 redirects slate.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 pixel.tapad.com 3 redirects s.amazon-adsystem.com
5 vidstat.taboola.com cdn.taboola.com
tagan.adlightning.com
5 trace.mediago.io 3 redirects slate.com
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 ads.creative-serving.com 4 redirects
4 idsync.rlcdn.com 1 redirects us-u.openx.net
4 api2.amplitude.com cdn.amplitude.com
4 ad.turn.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 shftr.adnxs.net slate.com
4 sync.mathtag.com 4 redirects
4 stags.bluekai.com 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 secure.adnxs.com 4 redirects
4 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
slate.com
4 ms-cookie-sync.presage.io s.amazon-adsystem.com
ms-cookie-sync.presage.io
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 trc.taboola.com cdn.taboola.com
3 id.rlcdn.com 3 redirects
3 c1.adform.net 3 redirects
3 sync-t1.taboola.com
3 gklfs-x8k98.ads.tremorhub.com 1 redirects vidstat.taboola.com
3 tpc.googlesyndication.com tagan.adlightning.com
3 us-vid-events.taboola.com slate.com
vidstat.taboola.com
3 px.ads.linkedin.com eus.rubiconproject.com
eb2.3lift.com
3 tagan.adlightning.com slate.com
tagan.adlightning.com
3 um.simpli.fi 3 redirects
3 cms.quantserve.com 3 redirects
3 u.openx.net 1 redirects s.amazon-adsystem.com
3 gum.criteo.com 1 redirects cdn.taboola.com
tagan.adlightning.com
3 connect.facebook.net slate.com
connect.facebook.net
3 c.amazon-adsystem.com slate.com
c.amazon-adsystem.com
3 compote.slate.com slate.com
2 pmp.mxptint.net 1 redirects
2 pixel-sync.sitescout.com 2 redirects
2 bcp.crwdcntrl.net 1 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 c.bing.com eb2.3lift.com
2 pippio.com 2 redirects
2 js-sec.indexww.com slate.com
2 rtb2-useast.marketiq.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 rtb.mfadsrvr.com 2 redirects
2 uipglob.semasio.net 2 redirects
2 dis.criteo.com 2 redirects
2 rtb-csync.smartadserver.com 1 redirects
2 ih.adscale.de 2 redirects
2 cdn.stickyadstv.com vidstat.taboola.com
cdn.stickyadstv.com
2 check.analytics.rlcdn.com slate.com
2 us-match.taboola.com tagan.adlightning.com
2 static.criteo.net slate.com
static.criteo.net
2 thrtle.com 1 redirects s.amazon-adsystem.com
2 us-trc-events.taboola.com slate.com
2 choices.trustarc.com slate.com
dcdn.adnxs.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 creativecdn.com 2 redirects
2 tg.socdm.com 2 redirects
2 www.googletagservices.com securepubads.g.doubleclick.net
2 cdn.adnxs.com slate.com
2 dcdn.adnxs.com slate.com
2 api.cxense.com cdn.cxense.com
2 pulsepoint-match.dotomi.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 www.google.com slate.com
tagan.adlightning.com
2 ap.lijit.com 2 redirects
2 cdn.permutive.com slate.com
cdn.permutive.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 bidder.criteo.com slate.com
2 krk.kargo.com slate.com
2 slate-d.openx.net slate.com
2 direct.adsrvr.org slate.com
2 htlb.casalemedia.com slate.com
2 tlx.3lift.com slate.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 cdn.onesignal.com slate.com
cdn.onesignal.com
2 geolocation.onetrust.com cdn.cookielaw.org
1 rtb.adentifi.com
1 bpi.rtactivate.com
1 ad.mrtnsvr.com 1 redirects
1 jzwjq.ads.tremorhub.com vidstat.taboola.com
1 d.adroll.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 tags.rd.linksynergy.com 1 redirects
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 api.rlcdn.com slate.com
1 us-wf.taboola.com vidstat.taboola.com
1 dsp.adkernel.com 1 redirects
1 image4.pubmatic.com
1 synchroscript.deliveryengine.adswizz.com
1 sync.bfmio.com
1 crb.kargo.com
1 cm.adgrx.com 1 redirects
1 pm.w55c.net
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 t.adx.opera.com
1 match.taboola.com
1 sync.go.sonobi.com 1 redirects
1 taboola-d.openx.net vidstat.taboola.com
1 vidstatb.taboola.com
1 mug.criteo.com
1 wf.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com tagan.adlightning.com
1 api-v3.tinypass.com cdn.tinypass.com
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 p.rfihub.com 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 p1cluster.cxense.com cdn.cxense.com
1 secure-assets.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 csync.loopme.me 1 redirects
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 sync.adkernel.com rtb.gumgum.com
1 fls-na.amazon-adsystem.com slate.com
1 www.google.ca slate.com
1 sync.inmobi.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 rtb.gumgum.com s.amazon-adsystem.com
1 16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co cdn.permutive.com
1 fpa-events.slate.com slate.com
1 p1.parsely.com slate.com
1 onetag-sys.com s.amazon-adsystem.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 aax-us-east.amazon-adsystem.com z-na.amazon-adsystem.com
1 www.facebook.com slate.com
1 c2.piano.io cdn.tinypass.com
1 z-na.amazon-adsystem.com slate.com
1 www.googletagmanager.com slate.com
1 fpa-cdn.slate.com slate.com
1 id.tinypass.com cdn.tinypass.com
1 194dc8bc3de6f7266f5cc8ec065a9c4f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 onesignal.com cdn.onesignal.com
1 hbopenbid.pubmatic.com slate.com
1 pixel.quantserve.com slate.com
1 geo.privacymanager.io ats-wrapper.privacymanager.io
1 secure.cdn.fastclick.net slate.com
1 pm-widget.taboola.com widget.perfectmarket.com
1 cdn.tinypass.com experience.tinypass.com
1 fastlane.rubiconproject.com slate.com
1 rules.quantcount.com secure.quantserve.com
1 ats-wrapper.privacymanager.io slate.com
1 widget.perfectmarket.com cdn.taboola.com
1 experience.tinypass.com slate.com
1 www.npttech.com slate.com
1 cdn.amplitude.com slate.com
1 secure.quantserve.com slate.com
590 200
Subject Issuer Validity Valid
slate.com
R3		 2023-04-05 -
2023-07-04		 3 months crt.sh
*.slate.com
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-07 -
2023-05-08		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
cdn.amplitude.com
Amazon RSA 2048 M01		 2023-01-12 -
2024-02-11		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.google.ca
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
fpa-events.slate.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-07-19		 5 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
z-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-18 -
2024-02-17		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
aax-us-east.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.parsely.com
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
*.prmutv.co
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
api.permutive.com
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-17 -
2023-08-05		 6 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.ogury.co
Amazon RSA 2048 M02		 2023-02-21 -
2023-09-16		 7 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-08-12		 5 months crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
fls-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
um3.eqads.com
Amazon RSA 2048 M02		 2023-03-02 -
2023-07-09		 4 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-07		 4 months crt.sh
*.adnxs.net
GeoTrust TLS RSA CA G1		 2023-02-24 -
2024-03-26		 a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-14		 a year crt.sh
*.mediago.io
GlobalSign GCC R3 DV TLS CA 2020		 2023-01-13 -
2024-02-11		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2023-01-23 -
2024-02-14		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-08-25		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
cdn.stickyadstv.com
R3		 2023-03-29 -
2023-06-27		 3 months crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-03-07 -
2023-09-07		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh

This page contains 68 frames:

Primary Page: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Frame ID: 0491353F5410EA089227DC8D4AC00307
Requests: 286 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&dcc=t
Frame ID: CF8BC82BE868E0CA18B1460200BABB50
Requests: 1 HTTP requests in this frame

Frame: https://194dc8bc3de6f7266f5cc8ec065a9c4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F6FC6C49533CF2636869B2ACE7BDA451
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 6CE091E7A2E687FC8166B68283F10DEC
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 20CC8169B03AC45C3715A573B19DABF7
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 9CBD9256DCEC9079FD6143E71F25A4DD
Requests: 9 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Frame ID: 4656DDC8C6A4F9C6CD90D8C15B82AB21
Requests: 5 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 672E565E969CBB58B28F417A76C47D53
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8433210686061420878&gdpr=0&gdpr_consent=
Frame ID: DD34999AAFA9D13F5563DEDCD5E76B5B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-8f2ecMn3ZDRpurp-JBF-C-cwDOLljfJZqEjb-WN-ZA
Frame ID: C98CEAB1ECEBB6FF348222AE6D658C54
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: BD805F8A3B567C6902529D3CE118ACEC
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: FFF474AA24E29E3D38E105832040EBBA
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: A42C40A6396A5DF93EBAE69A4927E22D
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: C0F9AEA3E13FC705E627FBB4BBD0D1C5
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JVXp0U2NSRTJ1TFRCOGJ4bFI0NWNHaktHbmN1RnpBRH5B
Frame ID: 1265001A4D1AA42F48320F03818BC404
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1217742735073133822&ex=appnexus.com
Frame ID: E9DD845F3EB13F6351B2154B3B6C0395
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Frame ID: 33240FBFA6C04AD1B0E96367450383B2
Requests: 21 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Frame ID: E74D687BF2822BD2B0CE7F689C56528E
Requests: 18 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 91D48274C2388A63C66668AB42527D11
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3260224274252108573155
Frame ID: 7D7F9E350B50CE763AE4FF9D94A5AA0F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 3795D1E98141B8B48E09E466211A3D68
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst41l5h7xts5syRZJ6Vo8Ugwoi1kX2-IT51WcWdX60BI7mRb2oXsqX1Jm9H2K-Apppb9-Jy3R3CojobIWkUB-G3sGXvXyGILPgUeh3UH-i6dHtORVQBmWWD7FOR21PfJw-UCUY3P0AFUFVawna5F6lZCchDGo9CVgrW5YPldpXe-JwQUs83UZLCkmFwzsheV9_R9I65aPqaaShteWgNdwxdi2FPnqtgZ1TQi5Zn_IqEhLHUC-K14ZIcHcgTtc0sjRGbBQQ7cPSJKUXf4YxXIH0QQkZl9Anz2LFru_yxVnVwlFRok8YiwFr1f8Zpyesy8ayCdjtNZb0zvWm1yF0pEg&sai=AMfl-YQ3BBpooef7UlkEe6y01oPdPzHHeYLfzW8aqhvjh725gDNqtQweKHxYoqkT58L7AQxp-YiegEw74ZeSqDokH1gMwPi_5dCIn0uRXZ1u6biEKxE50yI0-X0OcunF7Hwk5Z-FQ_KQ_egHYYgFs-M&sig=Cg0ArKJSzLAvEh--LomtEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AE2CDD7D2138E89F631AA7710F7EDEF2
Requests: 14 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=&gdpr_consent=
Frame ID: 918487E3F1017D27EBDE71C5E144F263
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 82AB4484778B497F67B820B03A3D15D1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZE8IzAAGrfCaLwAp&gdpr=&gdpr_consent=&_test=ZE8IzAAGrfCaLwAp
Frame ID: C8E1CF5368034F2D099991D309EE489B
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9kZDEwYWRmMC1mY2NmLTQ0YjgtYmMzMS1jNzI5NWNkMTQxZWM=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: E9EE6276579013B6FBACAC5C5FB2B9C7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 6B94ECFF9F099D309585130D9DD8280A
Requests: 12 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=2ceafc3a-8e26-4266-b01b-ef810856e5c7
Frame ID: 2BF369BD39DE3398FA37D3EA5A8E4A36
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZE8IzcCo8X0AAIOrpPkAAAAA
Frame ID: 75E9209938AF43BF85E2D5E883CC08BE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=f0b70f73-cbb2-4720-91cd-e39926ff3dec
Frame ID: 65D7E5176BF07E5C4FBF17E9903186FE
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: F81852BA2225C42FC0A2EAA0137EFA7C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=RDgIAw7H5oEzuDq18Bgx&pi=gumgum&tc=1
Frame ID: 12BAC843B625FDBD30DA9355AEDA7F0C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 2B23B2A56683F1E90BA400F1F29188C6
Requests: 3 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 62A7AD792298C272919B558F5CAB0811
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupy8WW-K9CBleGas-asBL1Y0RkGbbt9o8LNmla2dpW3MWIC0j2iSDk5xGYqILdHeVvmIZn6RaV4BQk9htlIrzcBlZS-2wJaOv0r-8HR3fDEAZ1dmfrVK8xZmmq8hK28mR-TxtLPf8mxp5fbRn8I64WoiGH3dB4DsWK9rubHl_CRgSCw9Cj_xMmHTRx5Gpm6krewWtFet9F_twGqdarHx3GgSspzTwNRPQrpGdrk3k6kS4IjkBXjBhdkDLVEXFVzpgcOob_b4Hf7iH41xTO0-9EI8yW6Q5yQAWoZaKvdXSlZVZGkAj9pZMLfqny0tW9-GJ2h82rW0c4-5wLrKSl0A&sai=AMfl-YSz4aFT15cUZ_xkK4_gnJLmf4PvXlB2lSm95yBPbIG0uInSeViQzAGW5Yk8obp4YmP4IsfkuWFjGr3EjKDH2lBW9HeniU49ROSL4UHlttEtHUY2K74blI2LcoFDTihiDW8kuC-rrOznuiyLgiw&sig=Cg0ArKJSzDNIZvFr8R_-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F8584360AA56E77E9D1913759583750F
Requests: 16 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: C3540B4F895967139C93811EA5C16C19
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033163313265937
Frame ID: 9B33E54AEE0B39749AA9BCE6F7087A0F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0F1C5E77-729B-4F92-8E83-B7A886DE1C71
Frame ID: 4036557DE962493DC5A2CAEB2BCBD54B
Requests: 1 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-ygCLAbcxoqhqbgJtxG4jRVDU3ETbisAAABgYID-AAnMdivjwjZyi1wLz1q0GTnWEpfDtdYYNxPfxjMYLlcWIyCB2W5lXNhGbpFr4VmLNiPHWuJyuNYa42bi23gGw-XKYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd6zdlhetk1frdf9PIY7X6z3-f8SwaTwV4x2Wv-Zofl97SbPG-hw-N1qx1m38Pycis8pqft5ZZYXg6P0S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA4DJBoHokANC--2my8th9gcAAAAAEAAAAAAkABCYq0sAxMzlnfj_________jzFAn3kj4_____-GQg-ABx8AD0IAAAAuhiQ4BaqaI20xEyGwKsIIAAAAQCVO5u6RSTpBxaLK__9_vxWAKwAAAYfUul0fWXQHJd7CAAAAEIxZoIfF7zc77Bq_22X-_________838n_lHI1RTP5xGeBLFXs0vIADAml9AAAA26gYA4E0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHlxjgaLFcO32JkWZg2holvNRrOdjPTcrnw7Rbek1bDJjDSWlvUJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVkgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYzNJp7NbrdbqwYbi1s0Ma3cwt1g5taNXKPdYjIYGYe7tej1MV1Mw-HKNPEiwYCovUieFulEYrG4JqOJx-HbmBYrl3Hh3A0Wk4nJ5hisfDOHaSKWaE4W6UR22ZeWG-NosFw5fIuRZWHaGCa-1Wg4281My-XCt1v4a7OJZ7Pb7daqwcbiFk1MK7dwN5i5dSPXaLeYDEbG4W4ten1MF9NwuDJN_I3ZcLIcLBbL1b4xG06Wg8Viudp36Azf1edsVK5lj4_LVs0Wxuaaw6BwGSzeleq00hYkB232KnK6NDNlUWf0-_1-v9_v9_v9foPWczAbFL7v0DocR64fZ3bxPYgNCkUsEVykE83ZYXp5_G6LWKI0XaQTvejlMdr9Zr_P-ZcMJoO9YrLX_M0Oy-9pN3neQofH61Y7zL6H5eVWeExP28stsbwcHqNdaHqbLWKJ4HSRTkQv4-mi_iOHGC3nqtlcsdrMFcPdKgEAAAAAAAAAWIJJppsAAAAAOBnUbrabrNbpYCajwXCyWi6AC4ZWXT_hZlNgrILbxRp7DGHODtPL43dbGcAFwyqzzT4jiLVaLWsAAAAC2AAAAAK46cabQHQo7v___38cAAAAGTn0AAAA6PcBScUduVLohfMriMFwtdo_ABVirVar2421Wi0!&cmcv=&pix=undefined&cb=1682901197942&uv=3270&tms=1682901197942&abt=id5mc_vA!nonrv_vA!tbt_lite_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=067e8a6d-d5a3-43d1-bea5-c83b7c3089eb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 2D71E79A6F95F458FC4D41E234276D01
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V8-ygCLAbcxoqhqbgJtxG4jRVDU3ETbisAAABgYID-AAnMdivjwjZyi1wLz1q0GTnWEpfDtdYYNxPfxjMYLlcWIyCB2W5lXNhGbpFr4VmLNiPHWuJyuNYa42bi23gGw-XKYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd6zdlhetk1frdf9PIY7X6z3-f8SwaTwV4x2Wv-Zofl97SbPG-hw-N1qx1m38Pycis8pqft5ZZYXg6P0S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA4DJBoHokANC--2my8th9gcAAAAAEAAAAAAkABCYq0sAxMzlnfj_________jzFAn3kj4_____-GQg-ABx8AD0IAAAAuhiQ4BaqaI20xEyGwKsIIAAAAQCVO5u6RSTpBxaLK__9_vxWAKwAAAYfUul0fWXQHJd7CAAAAEIxZoIfF7zc77Bq_22X-_________838n_lHI1RTP5xGeBLFXs0vIADAml9AAAA26gYA4E0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHlxjgaLFcO32JkWZg2holvNRrOdjPTcrnw7Rbek1bDJjDSWlvUJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVkgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYzNJp7NbrdbqwYbi1s0Ma3cwt1g5taNXKPdYjIYGYe7tej1MV1Mw-HKNPEiwYCovUieFulEYrG4JqOJx-HbmBYrl3Hh3A0Wk4nJ5hisfDOHaSKWaE4W6UR22ZeWG-NosFw5fIuRZWHaGCa-1Wg4281My-XCt1v4a7OJZ7Pb7daqwcbiFk1MK7dwN5i5dSPXaLeYDEbG4W4ten1MF9NwuDJN_I3ZcLIcLBbL1b4xG06Wg8Viudp36Azf1edsVK5lj4_LVs0Wxuaaw6BwGSzeleq00hYkB232KnK6NDNlUWf0-_1-v9_v9_v9foPWczAbFL7v0DocR64fZ3bxPYgNCkUsEVykE83ZYXp5_G6LWKI0XaQTvejlMdr9Zr_P-ZcMJoO9YrLX_M0Oy-9pN3neQofH61Y7zL6H5eVWeExP28stsbwcHqNdaHqbLWKJ4HSRTkQv4-mi_iOHGC3nqtlcsdrMFcPdKgEAAAAAAAAAWIJJppsAAAAAOBnUbrabrNbpYCajwXCyWi6AC4ZWXT_hZlNgrILbxRp7DGHODtPL43dbGcAFwyqzzT4jiLVaLWsAAAAC2AAAAAK46cabQHQo7v___38cAAAAGTn0AAAA6PcBScUduVLohfMriMFwtdo_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 8C26E5D163B62134825AE028B5108309
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=slate.com
Frame ID: D7C32B52D1C323C2948A2DCDE02A49AF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 568BF2BD0261E1BA5DF9CD03697FCE38
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E20688AFDBBDB8FC60C9ADF34053F58C
Requests: 2 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V8-ygCLAbcxoqhqbgJtxG4jRVDU3ETbisAAABgYID-AAnMdivjwjZyi1wLz1q0GTnWEpfDtdYYNxPfxjMYLlcWIyCB2W5lXNhGbpFr4VmLNiPHWuJyuNYa42bi23gGw-XKYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd6zdlhetk1frdf9PIY7X6z3-f8SwaTwV4x2Wv-Zofl97SbPG-hw-N1qx1m38Pycis8pqft5ZZYXg6P0S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA4DJBoHokANC--2my8th9gcAAAAAEAAAAAAkABCYq0sAxMzlnfj_________jzFAn3kj4_____-GQg-ABx8AD0IAAAAuhiQ4BaqaI20xEyGwKsIIAAAAQCVO5u6RSTpBxaLK__9_vxWAKwAAAYfUul0fWXQHJd7CAAAAEIxZoIfF7zc77Bq_22X-_________838n_lHI1RTP5xGeBLFXs0vIADAml9AAAA26gYA4E0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHlxjgaLFcO32JkWZg2holvNRrOdjPTcrnw7Rbek1bDJjDSWlvUJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVkgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYzNJp7NbrdbqwYbi1s0Ma3cwt1g5taNXKPdYjIYGYe7tej1MV1Mw-HKNPEiwYCovUieFulEYrG4JqOJx-HbmBYrl3Hh3A0Wk4nJ5hisfDOHaSKWaE4W6UR22ZeWG-NosFw5fIuRZWHaGCa-1Wg4281My-XCt1v4a7OJZ7Pb7daqwcbiFk1MK7dwN5i5dSPXaLeYDEbG4W4ten1MF9NwuDJN_I3ZcLIcLBbL1b4xG06Wg8Viudp36Azf1edsVK5lj4_LVs0Wxuaaw6BwGSzeleq00hYkB232KnK6NDNlUWf0-_1-v9_v9_v9foPWczAbFL7v0DocR64fZ3bxPYgNCkUsEVykE83ZYXp5_G6LWKI0XaQTvejlMdr9Zr_P-ZcMJoO9YrLX_M0Oy-9pN3neQofH61Y7zL6H5eVWeExP28stsbwcHqNdaHqbLWKJ4HSRTkQv4-mi_iOHGC3nqtlcsdrMFcPdKgEAAAAAAAAAWIJJppsAAAAAOBnUbrabrNbpYCajwXCyWi6AC4ZWXT_hZlNgrILbxRp7DGHODtPL43dbGcAFwyqzzT4jiLVaLWsAAAAC2AAAAAK46cabQHQo7v___38cAAAAGTn0AAAA6PcBScUduVLohfMriMFwtdo_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F15F33C93C7E28A5C30D93FC0DAC37CF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: D77262F9C5B989782D85B99DC1877BC5
Requests: 4 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZE8IzcCo8X0AAIOrpPkAAAAA
Frame ID: 5E6F48E1447BB5D17D5913699977889B
Requests: 23 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&redir=true&gdpr=0&gdpr_consent=
Frame ID: F9C4492977B03F8AED7A7C3FA849E7B1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAErwE7InhIAACEgpNW--w&gdpr=0&gdpr_consent=
Frame ID: 43FE2422FEA95D0A6DD4CE6E7ED3B536
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=0&gdpr_consent=
Frame ID: A1A586BE08E725A3130D02EF0A25616D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c5daa5f8-e7b7-11ed-81c4-b1999ba94c6c
Frame ID: 57D2411DF5DB3ECA1EDB98AC05FB0FDD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1217742735073133822&gdpr=0&gdpr_consent=
Frame ID: 9AE512043795C8BA1F62D7884717E900
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=0F1C5E77-729B-4F92-8E83-B7A886DE1C71
Frame ID: 9DCC84A775545B8A414817C813AAE42D
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 9DA248F825A42F236204AEF826803B90
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Frame ID: 3E823C6DD4DEC2CDCDF3903BDD27C4C6
Requests: 6 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Frame ID: 33E565F548BEC7DFBA197D39AF3B5096
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161864&us_privacy=1---
Frame ID: BD2ACFC3B93AF34EBA8DE230C6FD95F8
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 61A087562B0B9FF53D013710F8588E96
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BC2834FFACD339181CE8A0C140DAF04D
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 24D76F17CA0BAF8E0190219E61B11830
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: DD862AF31CE9DF986D319072BA9EF600
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: FF330F236B9E83CDFD793A1DE848B4D7
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 766179B49F81362592CB078C5337A368
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ve8rzlPjfMpOvinLUeIyy1vrJ5FOui3OUumOn8nK
Frame ID: 6EBBE538459200B5F65F3716690E7720
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_85fa64530a2144f3bcfe0
Frame ID: 23513053D176CC16042C3AA2E6ECF99B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 831E052F93128E4A7AF1DFD3AEA389F0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
Frame ID: 51DA04E2E4A76431870DE5DFD2348C3F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:l8m68DHp1PThtK5&gdpr=0&gdpr_consent=
Frame ID: 2F7AEA5B06DFD1A19BC8187B2A597DC3
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71
Frame ID: 9D02839A0BFF38B4BEAC84FD796CC277
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The SolarWinds hack is unlike anything we have seen before.Activating this button will toggle the display of additional contentSlate homepageSubmit searchEnter queryActivating this button will toggle the display of additional contentOpen menuClose menuActivating this button will toggle the display of additional contentSlate on InstagramSlate on TwitterSlate on FacebookSlate on YouTubeSlate homepage*Slate on InstagramSlate on TwitterSlate on FacebookSlate on YouTubeThe Slate Group logo

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

590
Requests

79 %
HTTPS

23 %
IPv6

111
Domains

200
Subdomains

118
IPs

10
Countries

5953 kB
Transfer

13562 kB
Size

252
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://sb.scorecardresearch.com/cs/18406752/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 46
  • https://sb.scorecardresearch.com/b?c1=2&c2=18406752&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&c8=The%20SolarWinds%20hack%20is%20unlike%20anything%20we%20have%20seen%20before.&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=18406752&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&c8=The%20SolarWinds%20hack%20is%20unlike%20anything%20we%20have%20seen%20before.&c9=
Request Chain 47
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&c8=The%20SolarWinds%20hack%20is%20unlike%20anything%20we%20have%20seen%20before.&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&c8=The%20SolarWinds%20hack%20is%20unlike%20anything%20we%20have%20seen%20before.&c9=
Request Chain 72
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&dcc=t
Request Chain 103
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 106
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8433210686061420878&gdpr=0&gdpr_consent=
Request Chain 107
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-8f2ecMn3ZDRpurp-JBF-C-cwDOLljfJZqEjb-WN-ZA
Request Chain 111
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 112
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JVXp0U2NSRTJ1TFRCOGJ4bFI0NWNHaktHbmN1RnpBRH5B
Request Chain 113
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1217742735073133822&ex=appnexus.com
Request Chain 120
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 121
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3260224274252108573155
Request Chain 126
  • https://match.adsrvr.org/track/cmf/openx?oxid=4bd3870b-3ed1-795d-eb7c-962b992961fc&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=4bd3870b-3ed1-795d-eb7c-962b992961fc&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ceafc3a-8e26-4266-b01b-ef810856e5c7&ttd_puid=4bd3870b-3ed1-795d-eb7c-962b992961fc&gdpr=0&gdpr_consent=
Request Chain 128
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUSBzQS9fg0E0OKNG6BYao&google_cver=1
Request Chain 165
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1217742735073133822
Request Chain 166
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_dd10adf0-fccf-44b8-bc31-c7295cd141ec&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_dd10adf0-fccf-44b8-bc31-c7295cd141ec&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b396bfb6-8ff1-4e87-8bea-092305024ea2&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 167
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28gTzE7je0bL3jUrvHvyMB0n67pgETWkxZgBF2JibFImkYPhDkYHbERJzMeIGmk1Ix%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28gTzE7je0bL3jUrvHvyMB0n67pgETWkxZgBF2JibFImkYPhDkYHbERJzMeIGmk1Ix%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_dd10adf0-fccf-44b8-bc31-c7295cd141ec&obuid=ENC(gTzE7je0bL3jUrvHvyMB0n67pgETWkxZgBF2JibFImkYPhDkYHbERJzMeIGmk1Ix) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LH43X5G9-W-CF1I&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Request Chain 168
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=bcee237b-16c4-410b-8c07-86c6517960ba
Request Chain 169
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187
Request Chain 170
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-BK07ZeVE2pcFTzM0r6Qh22zyj7TYH.le1pCy~A
Request Chain 171
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=1608ec07-25bd-4a37-83ed-b449872e489b
Request Chain 172
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
Request Chain 174
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_dd10adf0-fccf-44b8-bc31-c7295cd141ec&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=HFec2YkIGWgZAP77xHbg&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVEEMZLDGJMWWSKHK5TVUQKQG43XQSDCM4 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVEEMZLDGJMWWSKHK5TVUQKQG43XQSDCM4 HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=HFec2YkIGWgZAP77xHbg
Request Chain 175
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=52de0b4b-82e3-4a30-a0e6-78e647fb725d
Request Chain 176
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=n5Rjf5W01gnn&ev=1&pid=558355
Request Chain 177
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8433210686061420878
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bk9kT2RoNXFweHpQbUtLcUsxaFdmZw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEME2wRl8BSoc7blc413ATI0&google_cver=1
Request Chain 180
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=61597a5930870564&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAACSpP2su2lggML40bCAAAAAAA&expiration=1682987596&nuid=&is_secure=true
Request Chain 191
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
Request Chain 192
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
Request Chain 193
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=HFec2YkIGWgZAP77xHbg&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2SCGMVRTEWLLJFDVOZ22IFIDON3YJBRGO&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2SCGMVRTEWLLJFDVOZ22IFIDON3YJBRGO HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=HFec2YkIGWgZAP77xHbg
Request Chain 194
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LH43X5G9-W-CF1I&gdpr=0
Request Chain 195
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=&gdpr_consent=
Request Chain 197
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZE8IzAAGrfCaLwAp HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZE8IzAAGrfCaLwAp&gdpr=&gdpr_consent=&_test=ZE8IzAAGrfCaLwAp
Request Chain 200
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=2ceafc3a-8e26-4266-b01b-ef810856e5c7
Request Chain 201
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZE8IzcCo8X0AAIOrpPkAAAAA
Request Chain 202
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&expiration=1685493196&gdpr=0&gdpr_consent=
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDGYkLx42Hy9ir88uTfR1Kk&google_cver=1
Request Chain 205
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE8IzFXUuxVLPNY5y8A8iAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELE4Gtoahdz3-DGzHS5l0tk&google_cver=1
Request Chain 206
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=l5KSg5GexYeMw5CGk5-LhpmWntyMx5SDkJQiGG0Y
Request Chain 207
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZE8IzFXUuxVLPNY5y8A8iAAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZE8IzFXUuxVLPNY5y8A8iAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259157762175
Request Chain 208
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=69a0fa36-3253-43ca-8d85-307195cd265f&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 211
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=1217742735073133822&gdpr=0&gdpr_consent=
Request Chain 212
  • https://um.simpli.fi/lj_match?r=1682901196715&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=E221993AEBB24A2B8493EE00CA67D0D7
Request Chain 213
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b288d4ed-1a7a-4989-9a3a-da6049374581&expires=1&user_group=5&ssp=fmx&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=
Request Chain 214
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=kDiH9pY00PKLaYXzlDWe8548i6mLbYH2lz7aycZs
Request Chain 215
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tlaGhQWkhaSHNHYXU2cVQ2aWYxeTFu&gdpr=0
Request Chain 216
  • https://cs.admanmedia.com/sync/gumgum?puid=u_dd10adf0-fccf-44b8-bc31-c7295cd141ec&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=f0b70f73-cbb2-4720-91cd-e39926ff3dec
Request Chain 218
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=RDgIAw7H5oEzuDq18Bgx&pi=gumgum&tc=1
Request Chain 219
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 225
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 239
  • https://trace.mediago.io/cs/xandr?rdid=cbb5b480f497760b2fa80d45137584a0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=529&code=86d0265f255686f2b6858b82dd891b02
Request Chain 242
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LH43X5G9-W-CF1I HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LH43X5G9-W-CF1I&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 256
  • https://trace.mediago.io/cs/xandr?rdid=acc5ecb93eb001d3156a22c25e29ae99 HTTP 302
  • https://ib.adnxs.com/setuid?entity=529&code=86d0265f255686f2b6858b82dd891b02
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI6KXtbzroElaJ-3E5y6bs4&google_cver=1
Request Chain 267
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UshiIHk2TeS4RLWTZtHXbw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UshiIHk2TeS4RLWTZtHXbw
Request Chain 268
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjY5OGI3YzRiNzJjOTA0NzVhODI2ZjkyNGI2MDE4MjVjZmI0Y2FmOQ&us_privacy=1---
Request Chain 269
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg0M1g1RzktVy1DRjFJ&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC-HQMYRSW91O2Jnt9bZzX0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0M1g1RzktVy1DRjFJ&google_push=
Request Chain 270
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=&expires=30
Request Chain 272
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/L7FzBEygjwblo_PUgcrf1Q?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CS4dv4BE2oJv61DW74wI55U9ZgbATYroDIWp1A--~A
Request Chain 273
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH43X5G9-W-CF1I&us_privacy=1---
Request Chain 282
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033163313265937
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dxxed3KbT5KOg7eoht4ccQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 285
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0F1C5E77-729B-4F92-8E83-B7A886DE1C71 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0F1C5E77-729B-4F92-8E83-B7A886DE1C71 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a4b4a278-70a7-4dc9-98cf-67badbab2011%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&ttd_puid=a4b4a278-70a7-4dc9-98cf-67badbab2011%2C%2C
Request Chain 287
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&vxii_pid=12&vxii_pid1=10067&vxii_rcid=58fbf93a-8c14-458c-b743-95a36aeb8f55
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEYxQzVFNzctNzI5Qi00RjkyLThFODMtQjdBODg2REUxQzcx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-OaefEMiYUAeucR9Fo7S0&google_cver=1
Request Chain 290
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E221993AEBB24A2B8493EE00CA67D0D7
Request Chain 291
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LH43X5G9-W-CF1I HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LH43X5G9-W-CF1I
Request Chain 327
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=slate.com&sn=ChromeSyncframe&so=0&topUrl=slate.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=3eT4WnxYN2RzRkRVa29vQVhQRlFwdjJtMXlkdHpaK3ZJUE1saXNZb2p4UGd3M21udHVTWkZ4R0tmVEYwU01GR3MySkdCbHA3bHVWNjcrYUIwampJcklXb3BWZnFRaFMwV05UU2JsbXRtY3Z0UzRGK2Qxdm5rTTN5TFVYUjVYUDFHQ2hSMmhWME5WWE5YY3RaRFFBY1A4ZnJCclF0Nkd2RTYvbGJnamZNKzdLQzF4bExEYmkrOWFoU1BWcXlVU05xQVg1TElKNno3clEwQVpEYnVqUmZMZHlITlBGTkU2aHB6Q0t2b1owQmt2UjQ5dXZ0UDJRNTJ5MFpDeFhhMTM0QVZseTFaUXU5QUtTN2QveXVaa2UxNUpsYndBdz09fA&cppv=2
Request Chain 349
  • https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-z91iz&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fmagazine-api.taboola.com%2Fvideo-content%2F-1849738329230163084%2Fflavours%2Fmp4_480.mp4&srcPageUrl=https%3A%2F%2Fslate.com&contentLength=NaN&gdpr=0&us_privacy=1--- HTTP 302
  • https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-z91iz&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fmagazine-api.taboola.com%2Fvideo-content%2F-1849738329230163084%2Fflavours%2Fmp4_480.mp4&srcPageUrl=https%3A%2F%2Fslate.com&contentLength=NaN&gdpr=0&us_privacy=1---&_tur=T
Request Chain 357
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZE8IzcCo8X0AAIOrpPkAAAAA
Request Chain 358
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=d78a25f59dfa4cba9cebcc624d038777 HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d78a25f59dfa4cba9cebcc624d038777
Request Chain 360
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LH43X5G9-W-CF1I
Request Chain 361
  • https://pr-bh.ybp.yahoo.com/sync/taboola/66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-m8.CWiBE2oRbWeHt6lQWSC_CUMmLVtvbQ7De4A--~A
Request Chain 362
  • https://trace.mediago.io/ju/cs/taboola HTTP 302
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=86d0265f255686f2b6858b82dd891b02
Request Chain 363
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHtwWfqo5SFvB76vBWR5WdQ&google_cver=1
Request Chain 365
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
Request Chain 366
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ceafc3a-8e26-4266-b01b-ef810856e5c7
Request Chain 370
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a96db30a-0d1f-4437-bc2e-f7734502baa1
Request Chain 371
  • https://id5-sync.com/s/464/9.gif?puid=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F6%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/6/2.gif?puid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/5/3.gif?puid=5f481e3f-fe26-4643-95a4-3f53617d0aae&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/4/4.gif?puid=a4b4a278-70a7-4dc9-98cf-67badbab2011&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-8f2ecMn3ZDRpurp-JBF-C-cwDOLljfJZqEjb-WN-ZA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F3%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/3/5.gif?puid=778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/2/6.gif?puid=E3AD1B54C2BEBE75&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/1/7.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/1/7.gif?puid=1217742735073133822&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=2ceafc3a-8e26-4266-b01b-ef810856e5c7&ttl=%%TTL%% HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-8f2ecMn3ZDRpurp-JBF-C-cwDOLljfJZqEjb-WN-ZA
Request Chain 372
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4836568124463724454&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0917a668-00c7-4069-99d7-f5e021233ae9
Request Chain 373
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e223b357-3f09-4481-9c10-8628c1a24a7c HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e223b357-3f09-4481-9c10-8628c1a24a7c&tbid=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&query=taboola_hm%3De223b357-3f09-4481-9c10-8628c1a24a7c&isDirect=0
Request Chain 376
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ruPoSpZIUIJ7GLwbam2kAZU4mbs
Request Chain 377
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 379
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=cce96428-d4d0-480a-99d2-97ad3854c548
Request Chain 390
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=561da2bcf86ab95f3de431e97b461c5f&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o0f8a_7228005612105001286&gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTYxZGEyYmNmODZhYjk1ZjNkZTQzMWU5N2I0NjFjNWY=&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIhpzq4FKCz2LyHcyJCa8bU&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAErwE7InhIAACEgpNW--w&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/561da2bcf86ab95f3de431e97b461c5f?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-z00hXk9E2oNZfsQ5BXZA6dcBsb26dCynkxpQaa6r~A HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=c5daa5f8-e7b7-11ed-81c4-b1999ba94c6c HTTP 302
  • https://jelly.mdhv.io/v4/pixie HTTP 307
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=c9ddfb3e-fb4d-4385-b470-78422aa2bf32 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5043119&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=1608ec07-25bd-4a37-83ed-b449872e489b HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
Request Chain 396
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTYxZGEyYmNmODZhYjk1ZjNkZTQzMWU5N2I0NjFjNWY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 397
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=561da2bcf86ab95f3de431e97b461c5f&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 433
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcndFN0luaElBQUNFZ3BOVy0tdw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAErwE7InhIAACEgpNW--w&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAErwE7InhIAACEgpNW--w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAErwE7InhIAACEgpNW--w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAErwE7InhIAACEgpNW--w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8433210686061420878&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAErwE7InhIAACEgpNW--w&gdpr=0&gdpr_consent=
Request Chain 434
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=0&gdpr_consent=
Request Chain 435
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c5daa5f8-e7b7-11ed-81c4-b1999ba94c6c
Request Chain 436
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1217742735073133822&gdpr=0&gdpr_consent=
Request Chain 442
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
Request Chain 443
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q_VtuHtE2uWIRF2axEm8bkdNYNcXHGY-~A&gdpr=0
Request Chain 445
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=54229035d4f2068a&is_secure=true&networkId=17100&version=1&nuid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACUr_NLLknWANAesYhAAAAAAA&expiration=1682987600&nuid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 446
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=pubmatic&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dpubmatic%26bsw_param%3D0917a668-00c7-4069-99d7-f5e021233ae9 HTTP 302
  • https://rtb2-useast.marketiq.com/sync?adkuid=A3499120087437666193&exchange=685&ssp=pubmatic&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A3499120087437666193&expires=5&ssp=pubmatic&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 469
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=2ceafc3a-8e26-4266-b01b-ef810856e5c7 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=2ceafc3a-8e26-4266-b01b-ef810856e5c7
Request Chain 471
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=1e15f86d-f396-4f3d-b405-16d8a0b20024 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMWUxNWY4NmQtZjM5Ni00ZjNkLWI0MDUtMTZkOGEwYjIwMDI0EAAaDQjRkbyiBhIFCOgHEABCAEoA HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1e15f86d-f396-4f3d-b405-16d8a0b20024
Request Chain 472
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1217742735073133822
Request Chain 473
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 474
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8IzAAGrfCaLwAp
Request Chain 476
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=1e15f86d-f396-4f3d-b405-16d8a0b20024 HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwI0ZG8ogYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwI0ZG8ogYSBAgCEABCAEoA&google_gid=CAESEFiK8zz2SwgpG30B8iv_qrQ&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c52b774a-99e0-4ad1-87fd-2034661df0c9
Request Chain 477
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1217742735073133822
Request Chain 478
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 479
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8IzAAGrfCaLwAp
Request Chain 480
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=2ceafc3a-8e26-4266-b01b-ef810856e5c7&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 481
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 482
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIc-z6FOKUS6V3Ts5BNl2N0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 483
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D
Request Chain 485
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3260224274252108573155&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=475f171f-2d03-4c54-a528-a5f985cf9af9&ssp=triplelift&expires=30&user_group=5&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=0917a668-00c7-4069-99d7-f5e021233ae9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 487
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3260224274252108573155?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-NosvrzVE2oQsdZeB1geGhP.I3h_lWbXYGVOhYu7atQ--~A&dongle=0883
Request Chain 488
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=HFec2YkIGWgZAP77xHbg&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBDGKYZSLFVUSR2XM5NECUBXG54EQYTH&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBDGKYZSLFVUSR2XM5NECUBXG54EQYTH HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HFec2YkIGWgZAP77xHbg
Request Chain 489
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1217742735073133822&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 491
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=2ceafc3a-8e26-4266-b01b-ef810856e5c7&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 492
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 493
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIc-z6FOKUS6V3Ts5BNl2N0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 494
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D
Request Chain 496
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3260224274252108573155&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=475f171f-2d03-4c54-a528-a5f985cf9af9&ssp=triplelift&expires=30&user_group=5&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=0917a668-00c7-4069-99d7-f5e021233ae9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 498
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3260224274252108573155?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-NosvrzVE2oQsdZeB1geGhP.I3h_lWbXYGVOhYu7atQ--~A&dongle=0883
Request Chain 499
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=HFec2YkIGWgZAP77xHbg&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBDGKYZSLFVUSR2XM5NECUBXG54EQYTH&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBDGKYZSLFVUSR2XM5NECUBXG54EQYTH HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HFec2YkIGWgZAP77xHbg
Request Chain 500
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1217742735073133822&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 503
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1217742735073133822
Request Chain 505
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE8IzAAGrfCaLwAp
Request Chain 506
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB
Request Chain 508
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE8IzFXUuxVLPNY5y8A8iAAA%26172&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
Request Chain 509
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=778b644f-08cd-4200-9c5c-da65e0d1f631
Request Chain 510
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4836568124463724454&expiration=1684110801
Request Chain 512
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAErwE7InhIAACEgpNW--w&expiration=1684110801
Request Chain 513
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3339306244832130287
Request Chain 514
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=26d2a8f156920564&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAACUr_NLLkngQNziX5RAAAAAAA&expiration=1682987601&is_secure=true
Request Chain 515
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E221993AEBB24A2B8493EE00CA67D0D7
Request Chain 516
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1217742735073133822
Request Chain 518
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZE8IzFXUuxVLPNY5y8A8iAAA%26172?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZE8IzFXUuxVLPNY5y8A8iAAA%26172
Request Chain 519
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE8IzFXUuxVLPNY5y8A8iAAA%26172&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
Request Chain 577
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ve8rzlPjfMpOvinLUeIyy1vrJ5FOui3OUumOn8nK
Request Chain 578
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_85fa64530a2144f3bcfe0
Request Chain 579
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 580
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
Request Chain 581
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:l8m68DHp1PThtK5&gdpr=0&gdpr_consent=
Request Chain 582
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=8d8acbfc-fd99-4032-8b5d-b099d354475f&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71
Request Chain 583
  • https://idsync.rlcdn.com/712188.gif?partner_uid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIYDZwLzoGnsP95VVcZZZK8&google_cver=1
Request Chain 584
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71/gdpr=0/gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71/gdpr=0/gdpr_consent=
Request Chain 587
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1608ec07-25bd-4a37-83ed-b449872e489b&gdpr=0&gdpr_consent=
Request Chain 588
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8575d492-c56d-409a-b6c5-70be7088449c-644f08d4-4341&gdpr=0&gdpr_consent=
Request Chain 590
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_101F69DA5_83B9BB9E&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1

590 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request solarwinds-hack-malware-active-breach.html
slate.com/technology/2020/12/ 		857 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20b47b601e05657d9c479af46a86b2aee70a97cdc66c4e7bc496f40ddc9ba423
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
224849
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:33:15 GMT
etag
W/"d639e-VQZ/hMutvJcUiK0ATWp+0SJf5n8"
feature-policy
web-share 'self';accelerometer 'none';autoplay 'none';camera 'none';ch-device-memory 'none';ch-downlink 'none';ch-dpr 'none';ch-ect 'none';ch-prefers-color-scheme 'none';ch-rtt 'none';ch-ua 'none';ch-ua-arch 'none';ch-ua-bitness 'none';ch-ua-full-version 'none';ch-ua-mobile 'none';ch-ua-model 'none';ch-ua-platform 'none';ch-ua-platform-version 'none';ch-viewport-width 'none';ch-width 'none';clipboard-read 'none';clipboard-write 'none';cross-origin-isolated 'none';display-capture 'none';document-domain 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';gyroscope 'none';hid 'none';idle-detection 'none';magnetometer 'none';microphone 'none';midi 'none';otp-credentials 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';screen-wake-lock 'none';serial 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none';ambient-light-sensor 'none';battery 'none';gamepad 'none';layout-animations 'none';legacy-image-formats 'none';oversized-images 'none';speaker-selection 'none';unoptimized-images 'none';unsized-media 'none';vibrate 'none';vr 'none';
permissions-policy
web-share=(self),accelerometer=(),autoplay=(),camera=(),ch-device-memory=(),ch-downlink=(),ch-dpr=(),ch-ect=(),ch-prefers-color-scheme=(),ch-rtt=(),ch-ua=(),ch-ua-arch=(),ch-ua-bitness=(),ch-ua-full-version=(),ch-ua-mobile=(),ch-ua-model=(),ch-ua-platform=(),ch-ua-platform-version=(),ch-viewport-width=(),ch-width=(),clipboard-read=(),clipboard-write=(),cross-origin-isolated=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),idle-detection=(),magnetometer=(),microphone=(),midi=(),otp-credentials=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=(),ambient-light-sensor=(),battery=(),gamepad=(),speaker-selection=()
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-frame-options
sameorigin
x-served-by
cache-iad-kcgs7200064-IAD, cache-yul12822-YUL
x-slate-uuid
07ba000e-048a-4924-ba3f-1d0511173b07
x-timer
S1682901195.082877,VS0,VE227
a93af3db-1af0-47d9-9f09-527c8cf76c76.jpeg
compote.slate.com/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compote.slate.com/images/a93af3db-1af0-47d9-9f09-527c8cf76c76.jpeg?width=1280&rect=4896x3264&offset=32x0
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
053babc86b8929fa9c6908a4b38180f78b29cfd810417ea297a6009197501812

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
date
Mon, 01 May 2023 00:33:15 GMT
x-amz-request-id
T96B6XH5A3B5Q8XZ
age
2173401
x-io
/images/a93af3db-1af0-47d9-9f09-527c8cf76c76.jpeg?rect=4896x3264&offset=32x0&crop=4896,3264,x32,y0&width=1280&auto=avif
x-cache
HIT, MISS
fastly-io-info
ifsz=575251 idim=4928x3264 ifmt=jpeg ofsz=23241 odim=1280x853 ofmt=avif
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
23241
x-amz-id-2
R+Z6CETdw1TAooiIdZEWNtewwys5StC3pPk6Bbmx8ieQAzb/XsIBh0MiFGUY4SRup777gfAagCk=
x-served-by
cache-iad-kcgs7200128-IAD, cache-yyz4526-YYZ
server
AmazonS3
x-timer
S1682901195.429226,VS0,VE58
etag
"vV8k8Blub/PqQjbyBv2oSZZIRMzoKuWsQ1c50CXkjok"
vary
Accept
content-type
image/avif
cache-control
public, max-age=315360000
accept-ranges
bytes
x-cache-hits
3, 0
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 May 2023 00:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
rpnZu/dYNZPLIh9pLOSMrg==
age
21122
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6757
x-ms-lease-status
unlocked
last-modified
Thu, 27 Apr 2023 20:26:46 GMT
server
cloudflare
etag
0x8DB475DB9217360
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7adbfebd-601e-0124-504e-7907fd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c03ee97186f714a-YUL
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 May 2023 00:33:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
26662
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7c03ee971876714a-YUL
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87b6d97581295439623b3a80e0d01eaa64c202df17afaf164df4ecc5f47a63bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24704
x-xss-protection
0
server
cafe
etag
687 / 19478 / 31074189 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 May 2023 00:33:15 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		227 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:00:21 GMT
content-encoding
gzip
via
1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 19:15:17 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, EWR52-C2
age
1975
x-amz-server-side-encryption
AES256
etag
W/"644915d59292b7496ff86a0d2c460fce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
CY3SVqcxoibQQfV3fd5PYileXfy5TWATrTxyalTpTtM30ZRe7WCTjw==
7ff9545e-d46d-4daa-9328-e1bf5436be86.png
compote.slate.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compote.slate.com/images/7ff9545e-d46d-4daa-9328-e1bf5436be86.png
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d30554fad6d2131a1f86b6ccd7a314afbf47c19a2586248d101988c1a3c4fe1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
date
Mon, 01 May 2023 00:33:15 GMT
x-amz-request-id
Y69WQ42NQEQ7YKZ8
age
1583408
x-io
/images/7ff9545e-d46d-4daa-9328-e1bf5436be86.png?auto=avif
x-cache
HIT, HIT
fastly-io-info
ifsz=2468 idim=461x68 ifmt=png ofsz=2468 odim=461x68 ofmt=png
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
2468
x-amz-id-2
OcIfQJYxdVTAFNHKjmeCQnUxgL0KCsKszrdEmZdJLW2QCrv5gynJ4OgtWodzScRSJYgbPF2PrYc=
fastly-io-warning
Failed to shrink image
x-served-by
cache-iad-kjyo7100082-IAD, cache-yyz4526-YYZ
server
AmazonS3
x-timer
S1682901195.469729,VS0,VE0
etag
"JlKrN1cSXnO/tTj72TDrfPmuwK4VQuqqD7CBG+T1+Nk"
vary
Accept
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
x-cache-hits
16808, 3
a93af3db-1af0-47d9-9f09-527c8cf76c76.jpeg
compote.slate.com/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compote.slate.com/images/a93af3db-1af0-47d9-9f09-527c8cf76c76.jpeg?crop=4896%2C3264%2Cx0%2Cy0&width=1280
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef414ea1c1e9ce3cbfe2962bfa47fa5086d3461f5fd95c8831a6abfb6f36cdce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
date
Mon, 01 May 2023 00:33:15 GMT
x-amz-request-id
T96B6XH5A3B5Q8XZ
age
2173401
x-io
/images/a93af3db-1af0-47d9-9f09-527c8cf76c76.jpeg?crop=4896%2C3264%2Cx0%2Cy0&width=1280&auto=avif
x-cache
HIT, MISS
fastly-io-info
ifsz=575251 idim=4928x3264 ifmt=jpeg ofsz=23213 odim=1280x853 ofmt=avif
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
23213
x-amz-id-2
R+Z6CETdw1TAooiIdZEWNtewwys5StC3pPk6Bbmx8ieQAzb/XsIBh0MiFGUY4SRup777gfAagCk=
x-served-by
cache-iad-kcgs7200128-IAD, cache-yyz4526-YYZ
server
AmazonS3
x-timer
S1682901195.469870,VS0,VE29
etag
"b7jh6RzPVnIM56wTF/rw7cRffy8r9KknYm2OmXLklX0"
vary
Accept
content-type
image/avif
cache-control
public, max-age=315360000
accept-ranges
bytes
x-cache-hits
4, 0
0e1d2de3-ec2a-48ca-8f78-11045575a199.json
cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/0e1d2de3-ec2a-48ca-8f78-11045575a199.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b91afa8893c00069ee92faeba0b68734a332d71f0945e0795f08acd6c4b984f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 May 2023 00:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
UD5iyMzfc3Cj0ly9Cz6EFQ==
age
72731
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1707
x-ms-lease-status
unlocked
last-modified
Thu, 29 Dec 2022 16:33:42 GMT
server
cloudflare
etag
0x8DAE9BA72E13DEF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a710c2ba-901e-0175-56e1-5a1908000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c03ee97bdc17154-YUL
expires
Tue, 02 May 2023 00:33:15 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		77 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26722786cc2b7257efb9ed4b77e7c4f0cae058303ac58a67e74f191db592eda7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7c03ee97d9b6ca5f-YUL
vary
Accept-Encoding
content-type
text/javascript
loader.js
cdn.taboola.com/libtrc/slate1-network/ 		293 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/slate1-network/loader.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36b5f8c84d43087b05ab36cf8bd0910e8c467cf2c7feabe588f1763fcca0c10e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
SG4RIGyVHj9i.FVVjOHKrWL9.5Mt1DH_
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 May 2023 00:33:15 GMT
x-amz-request-id
6S9K3J8KB2C0T6FD
age
44
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
44971
x-amz-id-2
a/dt9meG2G0CyeiG5RJUkszMPYpSIbBX1pZgWu1ZdYWf/Q6zrZTocXxpeD04Vwpd4IVi6EFw3RI=
x-served-by
cache-yul12827-YUL
last-modified
Sun, 30 Apr 2023 09:20:00 GMT
server
AmazonS3
x-timer
S1682901195.495089,VS0,VE4
etag
"0e9b5a186ff708bacb93dcdd95330434"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
78
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
global-sprite.svg
slate.com/media/sites/slate-com/ 		23 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://slate.com/media/sites/slate-com/global-sprite.svg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1af11c32d42ff7931eb8ca57c539ed1f6c7da50a729c24c40b98bcba83d181b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 01 May 2023 00:33:15 GMT
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
4050
x-cache
HIT, HIT
content-length
9950
x-served-by
cache-iad-kiad7000136-IAD, cache-yul12822-YUL
last-modified
Thu, 20 Apr 2023 17:00:14 GMT
x-timer
S1682901195.473541,VS0,VE0
etag
"64416f9e-5bd4"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
19, 9
sprite.svg
slate.com/media/components/masthead/ 		9 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://slate.com/media/components/masthead/sprite.svg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b98dc726aa5bd1cc0dbcc56211e72cb5f87debe7e363fc1057479a4527b06462
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 01 May 2023 00:33:15 GMT
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
2568
x-cache
HIT, HIT
content-length
3803
x-served-by
cache-iad-kcgs7200022-IAD, cache-yul12822-YUL
last-modified
Thu, 28 Jan 2021 17:08:34 GMT
x-timer
S1682901195.472671,VS0,VE0
etag
"6012ef92-2203"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
10225, 5
Retina-Book-subset.woff2
slate.com/fonts/slate-com/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slate.com/fonts/slate-com/Retina-Book-subset.woff2
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dc123e1fdfe40c519213aed6431da35e0b5aa556e35dce4a4146417f02a335c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Origin
https://slate.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
29529473
x-cache
HIT
content-length
41548
x-served-by
cache-yul12822-YUL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
x-timer
S1682901196.513335,VS0,VE0
etag
"5fd128de-a24c"
x-frame-options
sameorigin
vary
Cookie, X-Set-GDPR-Consent, X-Valid-Scroll-User, Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
7043
Retina-BookItalic-subset.woff2
slate.com/fonts/slate-com/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slate.com/fonts/slate-com/Retina-BookItalic-subset.woff2
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e351a4def3c5e76899bac16564adac935392a33d627a7e478b8f83a09f0d5045
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Origin
https://slate.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
15606570
x-cache
HIT
content-length
42372
x-served-by
cache-yul12822-YUL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
x-timer
S1682901196.513953,VS0,VE0
etag
"5fd128de-a584"
x-frame-options
sameorigin
vary
Cookie, X-Set-GDPR-Consent, X-Valid-Scroll-User, Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
3365
Retina-Bold-subset.woff2
slate.com/fonts/slate-com/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slate.com/fonts/slate-com/Retina-Bold-subset.woff2
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
77f1049a76c92d1b45e0751002bf59f26635d00018946c64213a4c43a840bd1c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Origin
https://slate.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
46255949
x-cache
HIT
content-length
42296
x-served-by
cache-yul12822-YUL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
x-timer
S1682901196.514917,VS0,VE0
etag
"5fd128de-a538"
x-frame-options
sameorigin
vary
X-Set-GDPR-Consent, Cookie, X-Valid-Scroll-User, Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
6886
Retina-BoldItalic-subset.woff2
slate.com/fonts/slate-com/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slate.com/fonts/slate-com/Retina-BoldItalic-subset.woff2
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2b4700d49a18bb29aa7bdfebcb6df3ddc2bb7f672a5e128f5d2979722693b9d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Origin
https://slate.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
37298438
x-cache
HIT
content-length
42972
x-served-by
cache-yul12822-YUL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
x-timer
S1682901196.516112,VS0,VE0
etag
"5fd128de-a7dc"
x-frame-options
sameorigin
vary
Cookie, X-Set-GDPR-Consent, X-Valid-Scroll-User, Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
585
Register-Heavy-subset.woff2
slate.com/fonts/slate-com/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slate.com/fonts/slate-com/Register-Heavy-subset.woff2
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a571c0d8f7c25bd282e8d038c5c2c8cb13b094f9e0a756989e3764bba404ee1f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Origin
https://slate.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
46255938
x-cache
HIT
content-length
32432
x-served-by
cache-yul12822-YUL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
x-timer
S1682901196.516974,VS0,VE0
etag
"5fd128de-7eb0"
x-frame-options
sameorigin
vary
X-Set-GDPR-Consent, Cookie, X-Valid-Scroll-User, Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
4407
Register-HeavyItalic-subset.woff2
slate.com/fonts/slate-com/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slate.com/fonts/slate-com/Register-HeavyItalic-subset.woff2
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d42bb800a50ddbf348ff64fa765ef182f93e2f8b64d65fc6ed2f5f97d602e64d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Origin
https://slate.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
10081395
x-cache
HIT
content-length
35112
x-served-by
cache-yul12822-YUL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
x-timer
S1682901196.517480,VS0,VE0
etag
"5fd128de-8928"
x-frame-options
sameorigin
vary
Cookie, X-Set-GDPR-Consent, X-Valid-Scroll-User, Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
522
slate-group.svg
slate.com/media/components/global-footer/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://slate.com/media/components/global-footer/slate-group.svg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
50832693980e5c77ec736487ce344a40bee1e0e241cf9a4b756b8673bc346854
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 01 May 2023 00:33:15 GMT
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
5997
x-cache
HIT, HIT
content-length
1734
x-served-by
cache-iad-kiad7000172-IAD, cache-yul12822-YUL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
x-timer
S1682901196.517469,VS0,VE0
etag
"5fd128de-f4f"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
79773, 26
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 May 2023 00:33:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
8jDS2olIjeXbnNzSmG1zt4bkUyb2f4IwfpI9oQNCdXxqmllw7p5y6jK9wqoVk3sPqhwhw9ThBo1B2llNi3UQPQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/18406752/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Server
108.138.106.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-43.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:25:29 GMT
content-encoding
gzip
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 10:02:11 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
467
etag
W/"77ff4ede4693897337a38594321529a3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
IinDeDEPz4oB4o1Y5iMTAjVn5FpnzwfrMv88xgKxgp7nfPbV3emIKw==

Redirect headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
qQbkVbg3mJwYs267v1S0GKortZb1s3wVCHGPxd49Upniuap3TP4S8A==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
content-encoding
gzip
etag
"DUHyBE1e2vdA+NAhXV6BXg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 08 May 2023 00:33:15 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7c03ee9858734bd0-YUL
access-control-allow-headers
Content-Type
analytics-browser-1.1.4-min.js.gz
cdn.amplitude.com/libs/ 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/analytics-browser-1.1.4-min.js.gz
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.115.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-115-48.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85959941ab12a5f6a9debebbf56c7b1471d829a390444ee7ca96116afc7b8ff2

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Origin
https://slate.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 10:01:07 GMT
content-encoding
gzip
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
x-amz-version-id
ekSPhRG79Jx.VT8XE3IJ6fa8DOn9bG_F
x-amz-cf-pop
JFK50-P6
age
2212329
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21189
last-modified
Sat, 13 Aug 2022 03:30:51 GMT
server
AmazonS3
etag
"60863dd34935487e8591c29a976c6f8c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
g4j7ib4rLKtpcbibukO0ssllPXx1yqLYHPgLbzyzckjbdKv7tOQW9Q==
resize.js
slate.com/piano/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slate.com/piano/scripts/resize.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90816272c28c1206d19bfa325b59453979c1dac41b9e527bb345106ef4dc8452
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
25
x-cache
HIT, HIT
content-length
1490
x-served-by
cache-iad-kcgs7200174-IAD, cache-yul12822-YUL
last-modified
Thu, 09 Mar 2023 17:02:57 GMT
x-timer
S1682901196.637336,VS0,VE0
etag
"640a1141-df5"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
985905, 2
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c63c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4SP9KC14VQ14J9CH
age
6647
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Y9tb2Bqji0NBRZXdx7vO6G1woVyje0MQx/5hfmBadA6FypuaKCVeyMxm6rGLripwKZsnsTiJYbI=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8nB1R0MnaKPMkZIA0NXb3xecki7kPP1eGEq2HYBtnJJQWXV018HXwAiewWia8sh4urAD7gZ%2Fxx6aWA%2FTJMQN%2BDx7WUssqRk%2B4DuJ43o4SRDWVxrYWev3dzM7pDisD3Emu8ACoYrexekxfmO6Hs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
7c03ee992dc118ae-EWR
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=homyv5Uzpu
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43cecb942dedd0e30e6cf86a69f8d7fbcec2b02c909fc6cab118f23c84d5d5c0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
date
Mon, 01 May 2023 00:33:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 30 Apr 2023 23:04:52 GMT
server
cloudflare
age
2398
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
7c03ee98fcca7150-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
so49d3pdkw
expires
Mon, 01 May 2023 01:03:15 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
434
etag
W/"06f50014011c1fcd9e21b6b0481979de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7c03ee98fba8713e-YUL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 04 May 2023 00:33:15 GMT
load.js
widget.perfectmarket.com/slate1-network/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/slate1-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/slate1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7f027606ba3a2e0919e17fc3ccfb13473ab1e46a06d59af079623aee865f38f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
dxncZ8TqKbnU4c2EVX.KNEa_daY.TY4O
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 01 May 2023 00:33:15 GMT
x-amz-request-id
SEWP4HKG656RAKTK
age
196
x-cache
HIT, HIT
content-length
1091
x-amz-id-2
pCuO/EMAe5D//jH2FZQiDugbsnhE7vo83ahKgtrC6JXaDUi3GlD5Q+2wa/qs2eG/6hpRSIDR8jU=
x-served-by
cache-bur-kbur8200058-BUR, cache-yul12834-YUL
last-modified
Fri, 24 Mar 2023 16:07:04 GMT
server
AmazonS3
x-timer
S1682901196.709606,VS0,VE1
etag
"b6bfa46d824820b20b5eba67c4f0792d"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
17098, 1
impl.20230430-1-RELEASE.js
cdn.taboola.com/libtrc/ 		758 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230430-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/slate1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f39759cc5d69473b0915c80d9044bee2cb142445fa479d9356151d8d1de5c77e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
u5.tiG7tnybiC7R4Gce23PtguNMHpmpw
content-encoding
br
via
1.1 varnish
date
Mon, 01 May 2023 00:33:15 GMT
x-amz-request-id
YXKBNK4Z4EKQT025
age
2260
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
161486
x-amz-id-2
s4Hy6JnqkXuVo7Soqv9NseKAnU4VbuPigSDcgbsaiy+uid7sSOz/MDo93Sd4zyR4kFSEcdeMMLQ=
x-served-by
cache-yul12827-YUL
last-modified
Sun, 30 Apr 2023 06:25:27 GMT
server
AmazonS3-br
x-timer
S1682901196.686643,VS0,VE0
etag
"9a72c88b3b607fa890a1f9fa20e1a04c"
vary
Accept-Encoding
content-type
application/javascript
abp
61
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
54
ats.js
ats-wrapper.privacymanager.io/ats-modules/f6ed6589-5170-40c6-98bc-a4a49ff26fa8/ 		237 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/f6ed6589-5170-40c6-98bc-a4a49ff26fa8/ats.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ad1ce2c39949f193dfd3dc3e22040bb451519ca664a06b212705c23714fdb0d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:31:26 GMT
x-amz-version-id
BmIgQqroNOggOYbeWpy52wLz9c2EbcFi
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 13:35:17 GMT
server
AmazonS3
via
1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"c72e81664cde4822deeed36e1586e9de"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
age
110
x-amz-cf-id
LSt7JVum04A72SD2wj9D0cRi5a0Y7IUAYJ5-X_F9W3SJg_4fwk4n6w==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202211.2.0/ 		383 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 May 2023 00:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uPFqyxtrxGqJsyAvB7RnSg==
age
70057
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
93482
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:45 GMT
server
cloudflare
etag
0x8DADC66BDFA5EC7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
da60ad71-a01e-00f1-2de1-5a0975000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c03ee996d4d714a-YUL
rules-p-fw53_-Tq3MNK1.js
rules.quantcount.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-fw53_-Tq3MNK1.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46adccd2994c0bfa1be4fe4e892f00510a73cdd460e75fc181b3aee09c2846f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:09:58 GMT
content-encoding
gzip
via
1.1 2772ea7c91d6d2b9d83ea6d082faecc8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
1397
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 18 Dec 2020 17:12:53 GMT
server
AmazonS3
etag
W/"e5b9c334fdc957d8ec1021d513b9f770"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
ofqOrQe8wsTDyqRvbndLuO39KTiVq1YZV1vywO_IZet0qROGrwcLoQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/ 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6570b1c2cbf3c298c9196fe9dfb39125e29e70ef7ab53d23d8d156ff8c2b8e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:04:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
26912
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126189
x-xss-protection
0
server
cafe
etag
14317580509974688450
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 29 Apr 2024 17:04:43 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		95 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=slate.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75ad345dd6ee228cfb334edf436cb138efeb1b9472015a84aefcedb976a52274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
x-xss-protection
0
expires
Mon, 01 May 2023 00:33:15 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		604 B
950 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3075&u=https%3A%2F%2Fslate.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
0741af0f1c64e99083156b9d8899901a210d6735f1600efa156260135982e40a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://slate.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
604
x-amz-cf-id
gHF9bXoKyxMoiBhNv97sK9VScYJfPRjZdK1XOj7oA-6NDWqPXhKYIQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 22:50:12 GMT
x-amz-version-id
ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding
gzip
via
1.1 936397b26a4278a4582b6e1456333afa.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
age
6184
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 23:46:51 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
6HY6UJ5w7NKD768qESGtIYDfD0M4xBijV7zhgkv695G6BmM7XCI11Q==
bid
aax.amazon-adsystem.com/e/dtb/ 		239 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3075&u=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&pid=Hrj6iqcRPAqce&cb=0&ws=1600x1200&v=23.426.459&t=1500&slots=%5B%7B%22sd%22%3A%22rr-article-flex-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%2291898098%2Fslate.com%2Ftechnology%2Ffuture_tense%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22si_section%22%3A%22technology%20%20%20future%20tense%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A200%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.243.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-243-220.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
cbd42e1627e055ab2b8b4a08069144eb764c64815c5f5f3172883b53cdd235a5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-amz-rid
K1ENNY9HTH7BSZYPDAPS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
239
x-amz-cf-id
_nRx5aAxOctIJqSC6MibNAQS_ewIDpLT6JAgAwAgCBoKhd0AOUn5CA==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		319 B
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13590&site_id=60302&zone_id=768502&size_id=15&alt_size_ids=9%2C10&us_privacy=1---&eid_pubcid.org=987fb852-9756-46aa-b1aa-5ec3fd0e5201%5E1&rf=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&tg_i.pbadslot=technology%2Ffuture_tense%2Frr-article-flex-1&tk_flint=pbjs_lite_v7.22.0&x_source.tid=efa9e176-8f03-4c99-ba40-3dac9661f2e4&l_pb_bid_id=2200552a4b4e03&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=technology%2Ffuture_tense%2Frr-article-flex-1&slots=1&rand=0.49839072102495585
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8b631c7596aea9638d9e48e51512e68be65e04a0eccae85d39621610557c1a3f

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://slate.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
319
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&tmax=1500&us_privacy=1---
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.144.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-144-28.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:15 GMT
accept-ch
sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent
content-type
application/json; charset=utf-8
access-control-allow-origin
https://slate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=271367&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225d6c096126265e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Atrue%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.22.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%2C%22tmax%22%3A1500%2C%22syncsPerBidder%22%3A10%2C%22pbadslot%22%3A%22technology%2Ffuture_tense%2Frr-article-flex-1%22%2C%22adunitcode%22%3A%22rr-article-flex-1%22%2C%22divId%22%3A%22rr-article-flex-1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226dc8c9ae2986bb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22271367%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22271367%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22271367%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22technology%2Ffuture_tense%2Frr-article-flex-1%22%2C%22tid%22%3A%22efa9e176-8f03-4c99-ba40-3dac9661f2e4%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22445169d6-aa60-4e07-9a6b-09d45641b02b%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22987fb852-9756-46aa-b1aa-5ec3fd0e5201%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a9b2c1e1dd0cf98c918d1c07fcd31e3e4eb2e95c634e26f4cb167051d9c460

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwkjRpJzPMfA5rJZ41Rypv4fb3KTTKDE2Vq48Qwm%2BWglfBvNGO6%2B9wk7G2wyrR4UGD%2B0LOKQFjT9cGIXjkUTpltvKc%2FMnXoPFsQy70Ajf8xuNH8pHPiR5wDFhDJQWTBblRy1Oe0h"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://slate.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c03ee9a4b02a1de-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4a4af3034c25b117e02ba917715bd8f9198834e5e164a5582ca476ee2e1b1054
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e23e6fba-7102-45ad-b899-8282e5f9f317
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
slate
direct.adsrvr.org/bid/bidder/ 		0
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/slate
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://slate.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
arj
slate-d.openx.net/w/1.0/ 		190 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://slate-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=efa9e176-8f03-4c99-ba40-3dac9661f2e4&nocache=1682901195834&us_privacy=1---&pubcid=987fb852-9756-46aa-b1aa-5ec3fd0e5201&aus=300x250%2C300x600%2C160x600&divids=rr-article-flex-1&aucs=technology%252Ffuture_tense%252Frr-article-flex-1&auid=557570606
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a313013603ab035c0ce44c9ecc5f9bbf5e6f3e7850dca93464b1d44d3b0b0b31

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://slate.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22b8d7d448-823a-435e-b38f-20d40ba1f39d%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1682901195836%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2216410067c6e935c%22%3A%22_g4BCn53GiZ%22%7D%2C%22bidSizes%22%3A%7B%2216410067c6e935c%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_g4BCn53GiZ%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22987fb852-9756-46aa-b1aa-5ec3fd0e5201%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22987fb852-9756-46aa-b1aa-5ec3fd0e5201%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22gpid%22%3A%22technology%2Ffuture_tense%2Frr-article-flex-1%22%2C%22data%22%3A%7B%22pbadslot%22%3A%22technology%2Ffuture_tense%2Frr-article-flex-1%22%7D%2C%22tid%22%3A%22efa9e176-8f03-4c99-ba40-3dac9661f2e4%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22rr-article-flex-1%22%2C%22transactionId%22%3A%22efa9e176-8f03-4c99-ba40-3dac9661f2e4%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22bidId%22%3A%2216410067c6e935c%22%2C%22bidderRequestId%22%3A%221538b56141ee4c6%22%2C%22auctionId%22%3A%22445169d6-aa60-4e07-9a6b-09d45641b02b%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B1.8000030517578125%2C0.40000152587890625%2C2.5999984741210938%5D%2C%22userId.mods.identityLink.init%22%3A%5B1.8000030517578125%5D%2C%22userId.mods.quantcastId.init%22%3A%5B0.40000152587890625%5D%2C%22userId.mods.sharedId.init%22%3A%5B2.5999984741210938%5D%2C%22userId.init.modules%22%3A%5B8%5D%2C%22requestBids.usp%22%3A0.5%2C%22requestBids.userId%22%3A0.7000007629394531%2C%22requestBids.rtd%22%3A14.099998474121094%2C%22requestBids.validate%22%3A0.3000030517578125%2C%22requestBids.makeRequests%22%3A2.299999237060547%2C%22adapter.client.validate%22%3A0.10000228881835938%2C%22adapters.client.kargo.validate%22%3A0.10000228881835938%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.167.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-167-165.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:15 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Accept-Ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/ 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=13590248854&lsavail=1
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=18406752&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-activ...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=18406752&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-acti...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=18406752&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&c8=The%20SolarWinds%20hack%20is%20unlike%20anything%20we%20have%20seen%20before.&c9=
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Server
108.138.106.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-43.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P3
x-amz-cf-id
CeqQL7Xm3hqUE6CeDZMp8ImMHtptpz22xnOUo-j6TKZKzpyfi0bUWw==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=18406752&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&c8=The%20SolarWinds%20hack%20is%20unlike%20anything%20we%20have%20seen%20before.&c9=
content-length
0
x-amz-cf-id
9T8YXgYj9raLFitLqnF2oxE2mGrhXhWyw1I2g4fOm_9WPo_ouMJ-hQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&c8=The%20SolarWinds%20hack%20is%20unlike%20anything%20we%20have%20seen%20before.&c9=
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Server
108.138.106.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-43.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P3
x-amz-cf-id
k7WQXo88uVK3Wp1hlwh-1eST2FQz5o2229_G3gy64y2NogZeO9kj2w==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
location
/b2?c1=7&c2=34354936&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682901195844&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&c8=The%20SolarWinds%20hack%20is%20unlike%20anything%20we%20have%20seen%20before.&c9=
content-length
0
x-amz-cf-id
A6Fl4QjdZTZJbB-LBVui_FTAOnZoDLrIVAnyxQzKt2GkFOJ3OnQYlQ==
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3052
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7c03ee9a1d75713e-YUL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 04 May 2023 00:33:15 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		338 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=homyv5Uzpu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce322cf07a9f9c5015882172091756275fe22341d834504314507f6732ec87e5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
x-amz-version-id
elJeo8ODUUqC5waNsBRiRF01GUSh66Zk
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
VFRQT927WM3A0WJX
age
12451
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
4MHtiY5t2FSAkIbRAfqJDlofl4/0g2QuCV2yvprExLZ/4/Ow34aBM+TKET25VD+6aZvwzwOARuI=
last-modified
Thu, 27 Apr 2023 07:29:37 GMT
server
cloudflare
etag
W/"80f4cb2b46b2cf1da3a2026d344d3aae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7c03ee9a2e9c7150-YUL
expires
Mon, 01 May 2023 04:33:15 GMT
pmk-20220605.1.js
pm-widget.taboola.com/slate1-network/ 		109 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/slate1-network/pmk-20220605.1.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/slate1-network/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f7e54f450763464188c84e7f7606aa86f3351dd9c20e4a84d83d28b5a5b8228

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
RmSv2bM6XS.YBlGF3J5IaqSPjrewdPTp
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 01 May 2023 00:33:15 GMT
x-amz-request-id
SYV2KRCZPEW7B1TZ
age
2985874
x-cache
HIT, HIT
content-length
30546
x-amz-id-2
+0N4KxRcUY6cuw4A/L6lK0ItAXul28mtSoRM21lEP516TW3PB0wal1LpGSAq88rS5Vj0b+Zpifs=
x-served-by
cache-bur-kbur8200136-BUR, cache-yul12827-YUL
last-modified
Fri, 24 Mar 2023 16:07:03 GMT
server
AmazonS3
x-timer
S1682901196.854182,VS0,VE0
etag
"815ee6016740c365aa3e28bfbec8559e"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
3615, 45
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.131.233 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-131-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 01 May 2023 00:48:15 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.34.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-34-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:15 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.34.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-34-85.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://slate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 01 May 2023 00:33:15 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
geo.privacymanager.io/ 		30 B
612 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f6ed6589-5170-40c6-98bc-a4a49ff26fa8/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-61.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 08:17:30 GMT
via
1.1 ef066a0102f66b719933dbbef3bc5968.cloudfront.net (CloudFront), 1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, EWR53-P1
age
58545
x-amzn-requestid
47941fda-1b02-43c7-a4e8-34c0d7836a32
x-amzn-trace-id
Root=1-644e241a-311b26fd2404d4b5046f76d1;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
ELqULGDEDoEFx6g=
content-length
30
x-amz-cf-id
DfdEljvgGyq6zJ37NoD5dSQWwZX1hliM-8f-VsgLTvfo3HYbqhKQrw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
en.json
cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/a15d3973-47c1-4b6d-a45e-29ac668afd95/ 		145 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/a15d3973-47c1-4b6d-a45e-29ac668afd95/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90d97a57757837b16b0bf9fac2df05311fbc09679aa7dcb2b7a5f6b3d118166e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 May 2023 00:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
bhDLc4Gp6sZ4VsDTIZbFKA==
age
72730
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
24610
x-ms-lease-status
unlocked
last-modified
Thu, 29 Dec 2022 16:33:49 GMT
server
cloudflare
etag
0x8DAE9BA76E51D1B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
526a62c7-301e-007c-3be1-5a45d3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c03ee9a69bc7154-YUL
expires
Tue, 02 May 2023 00:33:15 GMT
pixel;r=1370741585;labels=Keywords.cybersecurity%2CKeywords.internet%2CKeywords.state-department%2CKeywords.national-security%2CKeywords.microsoft%2CAuthor.Josephine%20Wolff%2CTitle.The%20SolarWind...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1370741585;labels=Keywords.cybersecurity%2CKeywords.internet%2CKeywords.state-department%2CKeywords.national-security%2CKeywords.microsoft%2CAuthor.Josephine%20Wolff%2CTitle.The%20SolarWinds%20Hack%20Is%20Unlike%20Anything%20We%20Have%20Ever%20Seen%20Before%2CTechnology;rf=0;a=p-fw53_-Tq3MNK1;url=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html;uht=2;fpan=1;fpa=P0-800028457-1682901195752;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;us_privacy=1---;ref=;d=slate.com;dst=0;et=1682901195928;tzo=0;ogl=title.The%20SolarWinds%20Hack%20Is%20Unlike%20Anything%20We%20Have%20Ever%20Seen%20Before%2Curl.https%3A%2F%2Fslate%252Ecom%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach%252Ehtml%2Cdescription.The%20actual%252C%20active%20theft%20of%20information%20from%20protected%20networks%20due%20to%20this%20brea%2Cimage.https%3A%2F%2Fcompote%252Eslate%252Ecom%2Fimages%2Fa93af3db-1af0-47d9-9f09-527c8cf76c76%252Ejpeg%3Fwidth%2Cimage%3Awidth.1560%2Csite_name.Slate%20Magazine%2Ctype.article;ses=26bdbe23-0f1f-4d5f-a79b-1e8b5ff2d1cb
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230430-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
797710
expires
60
json
trc.taboola.com/slatecom/trc/3/ 		106 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/slatecom/trc/3/json?tim=00%3A33%3A15.954&lti=deflated&data=%7B%22id%22%3A21%2C%22ii%22%3A%22%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1682846370259%2C%22vi%22%3A1682901195951%2C%22cv%22%3A%2220230430-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%2C%22vpi%22%3A%22%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6172%2C%22nsid%22%3A%22slate1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dslate1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A5649.484375%2C%22mw%22%3A1300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dslate1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230430-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
49ad499167e6845d7df4d4b2d7ee428fd5d6291ec373e976086fb0b89e06fbbd

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
1091
date
Mon, 01 May 2023 00:33:17 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-yul12827-YUL
server
nginx
x-timer
S1682901196.974663,VS0,VE1091
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://slate.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bid
aax.amazon-adsystem.com/e/dtb/ 		239 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3075&u=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&pid=Hrj6iqcRPAqce&cb=1&ws=1600x1200&v=23.426.459&t=1500&slots=%5B%7B%22sd%22%3A%22leaderboard-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%2291898098%2Fslate.com%2Ftechnology%2Ffuture_tense%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22si_section%22%3A%22technology%20%20%20future%20tense%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A200%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.243.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-243-220.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
8b56bb2da9fa7ad26d9382d9aa2fa372036ea327361d0e84d2b7c4c0ac65a4ba
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-amz-rid
GA3TCE0CKP2K70MNXVCR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
239
x-amz-cf-id
JxLzoV9XEHeUJXpdOjGp4hwlcoZCdFB3wPm2zW2urwvefLgkEulx_A==
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=271610&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2219fa189dcda6683%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Atrue%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.22.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%2C%22tmax%22%3A1500%2C%22syncsPerBidder%22%3A10%2C%22pbadslot%22%3A%22technology%2Ffuture_tense%2Fleaderboard-1%22%2C%22adunitcode%22%3A%22leaderboard-1%22%2C%22divId%22%3A%22leaderboard-1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222039322c5b0146f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22271610%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22271610%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22271610%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22technology%2Ffuture_tense%2Fleaderboard-1%22%2C%22tid%22%3A%226cc58955-6dce-4a8d-9d37-259d7b858531%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22502db330-88c4-42a4-83c2-72d768fd1af5%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22987fb852-9756-46aa-b1aa-5ec3fd0e5201%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea2130de31fd6a2080e6687452de23cbd752c19f2c747a50dbe93f3cc6a0091

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYkRC8BGTf8dfG8NQlIg2i55BxEx5sHCYEYn1aEFy6wUcBwfYmw8U611Ytt6QRNa29ZBlw9aCQU17CsNqDSbujgXdF7DKSAGB8IV7921SZAkxv8kO4SSbEzHXmB9FBuPXKuO4qCv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://slate.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c03ee9b3cf0a1de-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
slate
direct.adsrvr.org/bid/bidder/ 		0
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/slate
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://slate.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
cdb
bidder.criteo.com/ 		18 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=27785721754&lsavail=1
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/ 		19 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&tmax=1500&us_privacy=1---
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.144.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-144-28.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
content-type
application/json; charset=utf-8
access-control-allow-origin
https://slate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22b8d7d448-823a-435e-b38f-20d40ba1f39d%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1682901196031%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%223068b7bb68a122c%22%3A%22_mn5P4mLiWZ%22%7D%2C%22bidSizes%22%3A%7B%223068b7bb68a122c%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mn5P4mLiWZ%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22987fb852-9756-46aa-b1aa-5ec3fd0e5201%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22987fb852-9756-46aa-b1aa-5ec3fd0e5201%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22gpid%22%3A%22technology%2Ffuture_tense%2Fleaderboard-1%22%2C%22data%22%3A%7B%22pbadslot%22%3A%22technology%2Ffuture_tense%2Fleaderboard-1%22%7D%2C%22tid%22%3A%226cc58955-6dce-4a8d-9d37-259d7b858531%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22leaderboard-1%22%2C%22transactionId%22%3A%226cc58955-6dce-4a8d-9d37-259d7b858531%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%5D%2C%22bidId%22%3A%223068b7bb68a122c%22%2C%22bidderRequestId%22%3A%2229985612294a01c%22%2C%22auctionId%22%3A%22502db330-88c4-42a4-83c2-72d768fd1af5%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B1.8000030517578125%2C0.40000152587890625%2C2.5999984741210938%5D%2C%22userId.mods.identityLink.init%22%3A%5B1.8000030517578125%5D%2C%22userId.mods.quantcastId.init%22%3A%5B0.40000152587890625%5D%2C%22userId.mods.sharedId.init%22%3A%5B2.5999984741210938%5D%2C%22userId.init.modules%22%3A%5B8%5D%2C%22requestBids.usp%22%3A0.3999977111816406%2C%22requestBids.userId%22%3A0.10000228881835938%2C%22requestBids.rtd%22%3A18.700000762939453%2C%22requestBids.validate%22%3A0.20000076293945312%2C%22requestBids.makeRequests%22%3A1.5%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.167.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-167-165.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Accept-Ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
prebid
ib.adnxs.com/ut/v3/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2e22bcb1209a70bdef71b0e3074e23d62a21b3e71cca7085f66d0d2775b90553
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a38e2b3e-005e-44ab-b228-a8c7e181af42
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
slate-d.openx.net/w/1.0/ 		190 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://slate-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6cc58955-6dce-4a8d-9d37-259d7b858531&nocache=1682901196035&us_privacy=1---&pubcid=987fb852-9756-46aa-b1aa-5ec3fd0e5201&aus=970x250%2C970x90%2C728x90&divids=leaderboard-1&aucs=technology%252Ffuture_tense%252Fleaderboard-1&auid=557570606
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5a297d9fefc4e4fb322951458651d04825ea4aa02602ad16ff8d6627e982bd7e

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://slate.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
web
onesignal.com/api/v1/sync/265824b5-c7bc-45dc-ba30-563fefa1485a/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/265824b5-c7bc-45dc-ba30-563fefa1485a/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027d1d3da3a1fc01a0c292b7f35c1db9368ce1623b97b0f76ca7b4add3b42df0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
191
cf-polished
origSize=5707
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a5f7fa00-01df-4d52-ad50-b8282b86f7d5
x-runtime
0.024714
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"871c174f55ffecf7ea740dcfb8958874"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7c03ee9b6f28713e-YUL
access-control-allow-headers
SDK-Version
expires
Mon, 01 May 2023 01:33:16 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:49b::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2022 14:05:13 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5959
Expires
Mon, 01 May 2023 01:33:16 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vO8A/abKpoPacUrvSk9OSw==
age
23614
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:35 GMT
server
cloudflare
etag
0x8DADC66B7AF38D0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
fcd3e165-501e-0082-62e1-5a79b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c03ee9bbbc87154-YUL
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
age
72731
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
a465679c-d01e-0179-4de1-5af7f9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7c03ee9bbbcf7154-YUL
iu3
s.amazon-adsystem.com/ Frame CF8B
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&dcc=t
368 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4267d38679fbbc2c22bf8ab16d0babd37ca8a4dcca73f2e1d73136f09e81ddf7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
368
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2FNHC45KM4AKKJR75KK6

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CEMC9S785Y5P2A6F9TEC
analytics
slate.com/ 		2 B
312 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://slate.com/analytics?eventName=Prebid%2520Winning%2520Bid&eventData=%257B%2522bidder%2522%253A%2522appnexusAst%2522%252C%2522cpm%2522%253A0.11%252C%2522adUnit%2522%253A%2522rr-article-flex-1%2522%252C%2522incrementalValue%2522%253A0.11%252C%2522indexDisabled%2522%253Afalse%252C%2522liveRampId%2522%253Afalse%257D
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yul12822-YUL
date
Mon, 01 May 2023 00:33:16 GMT
via
1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
x-slate-uuid
f1cb91b9-b7e5-4dcb-afcc-88783e6096ca
x-timer
S1682901196.163101,VS0,VE0
x-frame-options
sameorigin
x-cache
MISS
content-type
application/json
vary
Origin
accept-ranges
bytes
content-length
2
retry-after
0
x-cache-hits
0
integrator.js
adservice.google.ca/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=slate.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=slate.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1435026483694479&correlator=3617913432438362&eid=31074189&output=ldjh&gdfp_req=1&vrg=202304260101&ptt=17&impl=fif&us_privacy=1---&iu_parts=91898098%2Cslate.com%2Ctechnology%2Cfuture_tense&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600%7C160x600&ifi=1&adks=2071824379&didk=4004759336&sfv=1-0-40&prev_scp=site%3Dredux%26refresh%3Dno%26pos%3Drr-article-flex-1%26threshold%3D400%26outstream_eligible%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.11%26hb_adid%3D37674772582df7c%26hb_bidder%3DappnexusAst&eri=1&cust_params=permutive%3D%26dfp_cache_buster%3Dacb89d53a12ac777cc2465c99a002dd4df4d2907%26page_id%3Dckiumwxom000085m9h4uhykrk%26page_type%3Darticle%26ab_var%3D4_0%26article_right_rail%3Dtrue%26al_test%3Dal_enabled%26hb_test%3Dix_enabled_openx_disabled&sc=1&cookie_enabled=1&abxe=1&dt=1682901196173&lmt=1682901196&dlt=1682901195335&idt=654&adxs=1150&adys=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&frm=20&vis=1&psz=300x250&msz=300x250&fws=516&ohw=1600&ga_vid=505593970.1682901196&ga_sid=1682901196&ga_hid=1712472803&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4393282941042ec06dc5cb8c8dca93bcbf115522193859d92fd6e417fc43e1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9708
x-xss-protection
0
google-lineitem-id
6010548619
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138391559620
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://slate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
194dc8bc3de6f7266f5cc8ec065a9c4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F6FC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://194dc8bc3de6f7266f5cc8ec065a9c4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:33:16 GMT
expires
Tue, 30 Apr 2024 00:33:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify
id.tinypass.com/id/api/v1/identity/token/ 		195 B
868 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jsonp8578&client_id=homyv5Uzpu&site=https%3A%2F%2Fslate.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24635339cb9abbc0640e0b2a79343f188f468090f8a5c399d76d5b93ac934bfc
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MgveytriWkg
pragma
no-cache
wn
prod-id-10-0-131-169
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
server-time
0.001
cache-control
no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials
true
cf-ray
7c03ee9c4a507150-YUL
access-control-allow-headers
origin, content-type, accept, authorization
expires
Thu, 01 Jan 1970 00:00:00 GMT
cx.js
cdn.cxense.com/ 		103 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:49b::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a11d62109f30ddb0d4b4f74e8b340ccc50a471ea1e5a888a5f17631c31cf9545

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Apr 2023 13:31:47 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34188
Expires
Mon, 01 May 2023 01:33:16 GMT
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
73440
x-ms-lease-status
unlocked
last-modified
Thu, 27 Apr 2023 20:26:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
05906a7c-f01e-0165-098c-792fee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7c03ee9c5b27714a-YUL
p.js
fpa-cdn.slate.com/keys/slate.com/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fpa-cdn.slate.com/keys/slate.com/p.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb59b80fac02f84de6115b5fbda6bdc0855835195edb7083a0773c208ccb5a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 07:06:43 GMT
content-encoding
gzip
via
1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront)
last-modified
Tue, 15 Mar 2022 16:42:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
62794
etag
W/"bbc31bfacbc04e696822f712268e3245"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-cf-id
N3BVW_uPZzpLVGlHhJb26S_sp2tS-K5dhOsFQisyolbiV5T_Fn_fKg==
166975463695820
connect.facebook.net/signals/config/ 		150 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/166975463695820?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
899fa99d27fbc39ac33df165cda6a683654647349ebf92b46b737ed00f3f5ca5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 May 2023 00:33:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
42292
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
SXdoT/M3ODuoGk8AmB2/nt+ScUzje+UhTy0bYshoRw3UIto4zlOb0XzNqldtLip9nVlQQjTb2468t560XR7c+A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		133 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-794295919
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5e09abf7e8920c10c96766e7b2f3ed2e054435d6ce0d0aa15fcee5e0182bd0e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52076
x-xss-protection
0
last-modified
Mon, 01 May 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 May 2023 00:33:16 GMT
onejs
z-na.amazon-adsystem.com/widgets/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=797217ac-ca6e-482f-8925-4c302e9c855c
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.161.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-161-188.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
e8669a1acfa0d29600deae96b3391fe688d2ad3113651843eb250ec5162e8ab1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
Public
date
Mon, 01 May 2023 00:30:20 GMT
content-encoding
gzip
via
1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
age
176
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7392
x-amz-cf-id
yTPYarwCzlmRUWEB8SH3mTPpdEqdyeRdQcodu3FUEN4z0K6h2E3FvA==
expires
Mon, 01 May 2023 00:35:20 GMT
16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
cdn.permutive.com/ 		469 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98ae01a9a53a2c022ae813bfe508b425c6b91373e51a4f3705aaf58dde64448c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
16d3bd5c-bf92-4bf0-815a-eac397d3aadf
age
0
x-guploader-uploadid
ADPycdvhy8V4SOroIgV7bMg2MzHTWHFtUpXRVW8J6zfuj-tllKJW8arsjSakCHIWDZnj6-f8jUKQ1PMYtPwvf39-E_ItgEtM8wFu
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Tue, 25 Apr 2023 19:23:15 GMT
server
cloudflare
etag
W/"39f16b21ecb31e1c99ef5f2080196af8"
vary
Accept-Encoding
x-goog-generation
1682450595121793
content-type
application/javascript
x-goog-hash
crc32c=yNozfQ==, md5=OfFrIeyzHhyZ718ggBlq+A==
cache-control
public, max-age=900
x-goog-stored-content-length
135661
timing-allow-origin
*
cf-ray
7c03ee9ccf22a202-YYZ
expires
Mon, 01 May 2023 00:48:16 GMT
analytics
slate.com/ 		2 B
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://slate.com/analytics?eventName=Prebid%2520Winning%2520Bid&eventData=%257B%2522bidder%2522%253A%2522appnexusAst%2522%252C%2522cpm%2522%253A0.12%252C%2522adUnit%2522%253A%2522leaderboard-1%2522%252C%2522incrementalValue%2522%253A0.12%252C%2522indexDisabled%2522%253Afalse%252C%2522liveRampId%2522%253Afalse%257D
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yul12822-YUL
date
Mon, 01 May 2023 00:33:16 GMT
via
1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
x-slate-uuid
2b4d1f21-0026-4d80-8bb8-7b8ec14c04b3
x-timer
S1682901196.290835,VS0,VE3
x-frame-options
sameorigin
x-cache
MISS
content-type
application/json
vary
Origin
accept-ranges
bytes
content-length
2
retry-after
0
x-cache-hits
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1435026483694479&correlator=3617913432438362&eid=31074189&output=ldjh&gdfp_req=1&vrg=202304260101&ptt=17&impl=fif&us_privacy=1---&iu_parts=91898098%2Cslate.com%2Ctechnology%2Cfuture_tense&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90%7C1x3&ifi=2&adks=275029715&didk=3855199324&sfv=1-0-40&prev_scp=site%3Dredux%26refresh%3Dno%26pos%3Dleaderboard-1%26threshold%3D400%26outstream_eligible%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.11%26hb_adid%3D39db78faf692c6c%26hb_bidder%3DappnexusAst&eri=1&cust_params=permutive%3D%26dfp_cache_buster%3Dacb89d53a12ac777cc2465c99a002dd4df4d2907%26page_id%3Dckiumwxom000085m9h4uhykrk%26page_type%3Darticle%26ab_var%3D4_0%26article_right_rail%3Dtrue%26al_test%3Dal_enabled%26hb_test%3Dix_enabled_openx_disabled&sc=1&cookie_enabled=1&abxe=1&dt=1682901196267&lmt=1682901196&dlt=1682901195335&idt=654&adxs=315&adys=341&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&frm=20&vis=1&psz=0x1&msz=1600x1&fws=4&ohw=1600&ga_vid=505593970.1682901196&ga_sid=1682901196&ga_hid=1712472803&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
646c747b3e5fe8d484efe45767d7752511bcd164b5b85796d565f8d46779daca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9546
x-xss-protection
0
google-lineitem-id
6010548619
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138391559413
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://slate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredevents.js
connect.facebook.net/signals/plugins/ 		72 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 May 2023 00:33:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21972
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
EeqVfZNGJN+2+aAKV+/lN/WonHQWtJMqHN2UffFmDoxo2Bp1NmjadP53Ve/iNEmOc5jPfHtnDKD8Xa+nK5tTtA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
execute
c2.piano.io/xbuilder/experience/ 		22 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=homyv5Uzpu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f3b32bade6e2a55c3ddbed3867b8a9e43ed53191c2db5bc1dda1319a85cd58
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
g4ihpnpyt2
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://slate.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7c03ee9d2c93714a-YUL
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=166975463695820&ev=PageView&dl=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&rl=&if=false&ts=1682901196326&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=29&cs_est=true&fbp=fb.1.1682901196325.532608583&it=1682901196215&coo=false&rqm=GET
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 May 2023 00:33:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pr
s.amazon-adsystem.com/v3/ Frame 6CE0 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7ce57162fb4eecd9b22dbf6d02cde9a1e35d666be4dca61f3a4f4abf92817c81
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3881
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZWRSEXXW5KCF5E7ZTQ5Y
getad
aax-us-east.amazon-adsystem.com/x/ 		50 B
364 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-797217ac-ca6e-482f-8925-4c302e9c855c%22%2C%22tracking_id%22%3A%22slatmaga-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22CA%22%2C%22textlinks%22%3A%220262038854%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22slatmaga-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=797217ac-ca6e-482f-8925-4c302e9c855c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5A12TFKN5KHDR3CEA4C2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
50
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/794295919/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794295919/?random=1682901196356&cv=11&fst=1682901196356&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&hn=www.googleadservices.com&frm=0&tiba=The%20SolarWinds%20hack%20is%20unlike%20anything%20we%20have%20seen%20before.&us_privacy=1---&auid=223065443.1682901196&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-794295919
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d38d8666b7d0178eaa958e31a3ee0d6cf5576511b40e31a9896b9b432ca22488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1268
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 6CE0 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
Cache-Control
no-cache
Last-Modified
Monday, 01-May-2023 00:33:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
fpa-events.slate.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fpa-events.slate.com/plogger/?rand=1682901196392&plid=47388480&idsite=slate.com&url=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&sref=&sts=1682901196387&slts=0&title=The+SolarWinds+hack+is+unlike+anything+we+have+seen+before.&date=Mon+May+01+2023+00%3A33%3A16+GMT%2B0000+(GMT)&action=pageview&pvid=42799529&u=pid%3D8a1f8a8169b4b8497d6fd9bf0e4a9cdd
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.168.31.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-31-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
Cache-Control
no-cache
Last-Modified
Monday, 01-May-2023 00:33:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pxid
16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co/v2.0/ 		46 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co/v2.0/pxid?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
9e28fa9d82242b662e465442400ccf862cc3bbd8d3f948513a5ada603cde4332

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		29 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5efa0b0610403b14c18f336c0717b17ef23ab49093cec7db3daeb4c44ea8ea93
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
AN-X-Request-Uuid
f29596dc-9b0f-4876-be98-57ec0faf10d8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
29
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
16d3bd5c-bf92-4bf0-815a-eac397d3aadf-models.bin
cdn.permutive.com/models/v2/ 		22 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-models.bin
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f162d79e1ecca18e012cffb391e558ef6835d12a4619f05ccf99db0f216c49a1

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
16d3bd5c-bf92-4bf0-815a-eac397d3aadf
age
0
x-guploader-uploadid
ADPycdvDAMEeB-l7Ek_sx9nKYwECi5QWJM5H_i2gyH9T8xOO_xFjmnOk_9WDfs2d2Va65RRTKu6pXJIaUR_qjJtiN1IjnCqZN19K
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
15584
last-modified
Sun, 30 Apr 2023 06:03:45 GMT
server
cloudflare
etag
"6a6836dbfe9362e3e2997acf3c040a87"
vary
Accept-Encoding
x-goog-generation
1682834625743197
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=XBPYcg==, md5=amg22/6TYuPimXrPPAQKhw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
15584
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9e1a40ab3b-YYZ
expires
Mon, 01 May 2023 00:10:30 GMT
geoip
api.permutive.com/v2.0/ 		271 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip&include=ip_hash&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
92c9de8a507a62cfb5e8122a5bc9dcdf17efe8adaa20d2b575886987bbfce4ed

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199
watson
api.permutive.com/v2.0/ 		438 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
a1f6e7d6305e9ec2b13f2e65ebb9d8d97a8ccc9cd74ba5f4e604f5aa83eea2f0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
amzns2s
rtb.gumgum.com/usync/ Frame 20CC 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.224.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-224-89.compute-1.amazonaws.com
Software
nginx /
Resource Hash
03afc2cc26af862b24585d43a18f3357eac368350f50d83df5c4b9594ccb4156

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 01 May 2023 00:33:16 GMT
etag
W/"0be035464013e948ee1583fe0055768f3"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 9CBD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
618bd9f4ba12ae14543ab4bba76c19dc8d8e3eec340ced7a7861c91cec8762ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
2015
Content-Type
text/html
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync
ms-cookie-sync.presage.io/amazon/ Frame 4656 		631 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-28.ewr52.r.cloudfront.net
Software
/ Express
Resource Hash
bb4c8c05b0989e2551d3e187658bc9eb0808b56a4f38b097d50111cfe6fd51af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
631
Content-Type
text/html; charset=utf-8
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
0
Pragma
no-cache
Surrogate-Control
no-store
Via
1.1 96457af3f289bfa24042a3475201173c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
abQ77Z58ZmbpiR6j0NixlSMsx8f-9lsPZRYzQFTrfBbZsKRMBkQlQQ==
X-Amz-Cf-Pop
EWR52-C4
X-Cache
Miss from cloudfront
X-Powered-By
Express
cm
u.openx.net/w/1.0/ Frame 672E 		693 B
707 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
904c6b0d37c3413174c977c57f79055c2fec5d75ae2f254703ea981ba11ed572

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
396
content-type
text/html
date
Mon, 01 May 2023 00:33:16 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame DD34
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8433210686061420878&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8433210686061420878&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
XCN8CHNHZ35N7REYN5EJ

Redirect headers

content-length
0
date
Mon, 01 May 2023 00:33:15 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8433210686061420878&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame C98C
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-8f2ecMn3ZDRpurp-JBF-C-cwDOLljfJZqEjb-WN-ZA
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-8f2ecMn3ZDRpurp-JBF-C-cwDOLljfJZqEjb-WN-ZA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CX3KNQ5P2Y82ER8JRX2E

Redirect headers

date
Mon, 01 May 2023 00:33:16 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-8f2ecMn3ZDRpurp-JBF-C-cwDOLljfJZqEjb-WN-ZA
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
match.sharethrough.com/jwumXNuB/v1/ Frame BD80 		427 B
936 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.70.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-70-135.compute-1.amazonaws.com
Software
/
Resource Hash
847299c4d2737a29128e8d2310ad3e9c1355045cb5e08507f7136b1274a4d0c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Mon, 01 May 2023 00:33:16 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FFF4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32303
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:33:16 GMT
expires
Mon, 01 May 2023 09:31:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A42C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:33:16 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame C0F9
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
0acd5dd80d37fe16b59740b1461ae202c1ff1427ca5cf988b788c6e91d1ab31e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-stage-0
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-stage-0
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 1265
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JVXp0U2NSRTJ1TFRCOGJ4bFI0NWNHaktHbmN1RnpBRH5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JVXp0U2NSRTJ1TFRCOGJ4bFI0NWNHaktHbmN1RnpBRH5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
WXCN31BAZ0XACZ1Q6BBP

Redirect headers

age
0
content-length
0
date
Mon, 01 May 2023 00:33:16 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JVXp0U2NSRTJ1TFRCOGJ4bFI0NWNHaktHbmN1RnpBRH5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame E9DD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=1217742735073133822&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=1217742735073133822&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
WX7XS2VWMF075A9TD3PZ

Redirect headers

AN-X-Request-Uuid
965c0870-6230-4a2e-8fae-bbb418909ec3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=1217742735073133822&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
53a437f9-f744-4c85-a5d3-e26c0adef874
https://slate.com/ 		161 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://slate.com/53a437f9-f744-4c85-a5d3-e26c0adef874
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32254ea32578643cb100d685e02d6c21b6998205797c03a569df93794c75c2a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
164917
Content-Type
9e56f8ff-0a09-4f31-800f-7ad4fa9a45b3
https://slate.com/ 		161 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://slate.com/9e56f8ff-0a09-4f31-800f-7ad4fa9a45b3
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32254ea32578643cb100d685e02d6c21b6998205797c03a569df93794c75c2a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
164917
Content-Type
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		586 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=homyv5Uzpu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de691b6d025bc044a19093616a7098d20d1d5d040ae6f6ef5d08be747a1916bf
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MgveytruiRd
pragma
no-cache
wn
prod-dash-10-0-85-239
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c03ee9e68fd4bd1-YUL
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 3324 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
686308b8beff17f784bdd66aec9c886d13cbbef632ef153a4c34f43a873b41a0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
age
770
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=300
cf-cache-status
HIT
cf-ray
7c03ee9e4dbf7150-YUL
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 01 May 2023 00:33:16 GMT
expires
Mon, 01 May 2023 00:38:16 GMT
last-modified
Mon, 01 May 2023 00:13:37 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-80-172
x-forwarded-https
on
x-request-id
MpydytrnxQt
x-xss-protection
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		586 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=homyv5Uzpu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
720db81c641221066f5b4a272472cc8f87973ac298f7e25cc906bb15a8ce339b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MgveytrRyTc
pragma
no-cache
wn
prod-dash-10-0-142-31
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c03ee9e69004bd1-YUL
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame E74D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99b97fc965e8a02f3d64e974eedc64f7bb7124a65cf9a6823f9dfbc5d281694b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
age
770
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=300
cf-cache-status
HIT
cf-ray
7c03ee9e4dc07150-YUL
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 01 May 2023 00:33:16 GMT
expires
Mon, 01 May 2023 00:38:16 GMT
last-modified
Mon, 01 May 2023 00:13:54 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-130-83
x-forwarded-https
on
x-request-id
M6zdytrciaO
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame 91D4
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
4a639d194df41fd91d6848c28aa50b5a4a4cc8cc80b3787bbdf3876670513bf7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
480
Content-Type
text/html
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1dca1
ecm3
s.amazon-adsystem.com/ Frame 7D7F
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3260224274252108573155
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3260224274252108573155
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CRS36J71S2H8T9A9H5C3

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 01 May 2023 00:33:16 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3260224274252108573155
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sp1.html
cdn.cxense.com/ Frame 3795 		684 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:49b::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
379
Content-Type
text/html
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Thu, 11 May 2023 00:33:16 GMT
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 672E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=1305fb76-227b-c2a7-2b72-14bcf11aaa1c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X93ZMDF47G1HFC0PGDRW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
df14e14f-ae7d-eb14-daab-80de667eacb5
pr-bh.ybp.yahoo.com/sync/openx/ Frame 672E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/df14e14f-ae7d-eb14-daab-80de667eacb5?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:3829:a14e:8be6:e46f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 672E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1305fb76-227b-c2a7-2b72-14bcf11aaa1c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZQSQ81S2G3S4DQX1GZ5A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 672E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=4bd3870b-3ed1-795d-eb7c-962b992961fc&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=4bd3870b-3ed1-795d-eb7c-962b992961fc&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ceafc3a-8e26-4266-b01b-ef810856e5c7&ttd_puid=4bd3870b-3ed1-795d-eb7c-962b992961fc&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ceafc3a-8e26-4266-b01b-ef810856e5c7&ttd_puid=4bd3870b-3ed1-795d-eb7c-962b992961fc&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ceafc3a-8e26-4266-b01b-ef810856e5c7&ttd_puid=4bd3870b-3ed1-795d-eb7c-962b992961fc&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 672E 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjdiYzU0YzEtZjdhNi0yN2Y5LWZlOWMtY2M5MjUzY2JhZjlj
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 672E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUSBzQS9fg0E0OKNG6BYao&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUSBzQS9fg0E0OKNG6BYao&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUSBzQS9fg0E0OKNG6BYao&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 3324 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3685
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Apr 2023 14:32:22 GMT
wn
prod-dash-10-0-134-216
server
cloudflare
etag
W/"26850-1682519542000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
7c03ee9ecea97150-YUL
expires
Mon, 01 May 2023 02:33:16 GMT
slate.css
slate.com/css/ Frame 3324 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://slate.com/css/slate.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f7a04c3013ba1f4f820d0edd71ffb4cbcdd372c619f5a66567a347359174727
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
28
x-cache
HIT, HIT
content-length
2786
x-served-by
cache-iad-kiad7000107-IAD, cache-yul12822-YUL
last-modified
Thu, 27 Apr 2023 18:36:58 GMT
x-timer
S1682901197.607654,VS0,VE2
etag
"644ac0ca-2d61"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
text/css
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
584359, 1
main.css
slate.com/css/piano/ Frame 3324 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://slate.com/css/piano/main.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43695acd4c098054a506d222e398fe54c97f1dced6b3c77a05dfbb36252e38c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
26
x-cache
HIT, HIT
content-length
1323
x-served-by
cache-iad-kiad7000133-IAD, cache-yul12822-YUL
last-modified
Thu, 27 Apr 2023 18:36:59 GMT
x-timer
S1682901197.608419,VS0,VE1
etag
"644ac0cb-15a7"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
text/css
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
544912, 1
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 3324 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1147826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2Fvqbg3%2BdpDiSXUFOhKRqhxvorTzc%2BMJk7RDXH%2BFbPAuhdJj05b8oin%2FptAoRmN7RS8CkHAJ8zWa3iCYkKcSQxAiYJi1y84kjKlXwOS%2FcbdnghtUmz3m6%2BVTTCKvBghgnI6bR2%2Fevp6xuicnY%2BZglBsJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9efd674bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 3324 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
282474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwwYcW2NzZhhhY%2FaH4unrdmUxsUwHscW7bEVbt%2FJc4K24eE%2Bkt0%2F%2FgUQmz%2BqI56mJAlQD5YdtoV8oVqckj3BVYjuUDO63vWhPkNk12VVY361RWnWIumIC466hcuoFGCo4dLp%2FBr%2Fh9k6T%2BILRS97AKPX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9efd6a4bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3324 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1484575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lj6zj98ERHRNDAul9UBG5T7yNnvyxicMMjKyIr1grGC0S2f8P%2BqNRguU1PH9hrHsOMVJArWl4089e%2Ft5YqC4uXoML16tVr%2FyR8AqIb06sRfKcOQBQ7z3IrDbwxb4h6102Cy9oTc5AT448lM7xOCG8L04"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9efd6b4bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3324 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1570504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSwsoHa%2B%2FdTf6ykIhboWGQLzRV%2Bulg6C3NcmqswcQgqvWmNQEdmfDh0%2F%2FOx1sNaMFuwKo%2Btzl6V6gwZNoD5GD7Ir%2BCp5yL7mWp%2BTKvcbuNEswB%2BPu361ot%2Bj%2BRT3TJcQO62OXdVgt%2F5%2FF3aV8vMscnSy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9efd6d4bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3324 		825 B
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9962483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLrXBImDe2HTFi8DFK2S3VeCVZmxn2k4hfPFdB81FCLvDDpPwFnjIPX3TStA%2Bg1oerKbSh8nm%2FuUEwJqm%2Bma%2BK03AuljmJJ3pLrjvpscDZ405hNsD8WnMLA6Bk2Az6vQiZUdZ4taoxiKTYECGxP0hE77"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9efd6f4bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3324 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12983011
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9b%2F%2FPdCv7Y4D3CFCLlX%2FV3zpZeD2LpWFL8sdLBVuZrRuE395FALL7RUblZgU85LM7o53t4HPh6oihM0XdepDxJArtxwVTgmxgw4fGUfB4RZWBm5%2B6j6N0j2Rea7D3j3YXWbLHtPnzZLtiib3J5V8qru"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9efd704bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 3324 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1569912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BxSZLJc0ovUWDPX8O%2Fumf4pzKnTib817QjXOGhShdMqEw7oOwA4Keph4rVW6TC7t72ijCULv%2F4rR8y9fEu1rq4%2FJsdxGW2E2hVoylCr%2FFWtR3ebou2m3WPBM3JuSkOwrKRidYjThkEPTvB0H5gn3SZI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d7a4bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 3324 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5696325
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVvpe%2FmppRI6m4Ys7bYVNI2W1Aip8Z%2By%2Bi9tXT5xSnm8Y5xWNucCmGkhCGR3qN21tBzxjco%2BlBNigiC7LEWr3WqF%2BoAUc9nSME6feR7uJkmXdgwSaObXvje4334FGQK0bL09gwysNntYyXFX5Gw%2FgF4Q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9efd724bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 3324 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5300466
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FcHdDRc4mVUb4ces5AgwKZQy4UUC2%2FzclGp8AFQVJQg%2BrhNzkoOYGXO7XW6uMtuu0dYkzoy6qoO8qsgKpqUEcMCrBd80OaE9wWNYw83fL7alLM3QLKKdUuO7CoNWwTJHUdB9oFg3WC3ySglqkzHX3VI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d7f4bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 3324 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7854737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDRJHnnCf7%2FOnK2QCoHLDTTBW4o4NN%2BF6RwKhPQwcDR5tO%2FfsqpPlpiVgRz2HYY48k4SukuYjkLA6ry8aRelHsk%2Fl%2FJj0vbx8Lbj%2FYOh%2BjmafPEwb9UEYOriVf9jgSJV%2F6AXrVBsgR%2FvnmrEWPAPO5jt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d744bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 3324 		39 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=homyv5Uzpu&version=1593110338000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee370285bb332d4c9ca2d23feb450c817824e279b9327aeda0001d83641c12e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mgveytr0gR1
pragma
wn
prod-dash-10-0-142-31
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.001
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
7c03ee9eceac7150-YUL
expires
Mon, 1 May 2023 20:33:16 EDT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 3324 		64 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=15.167.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4486bbdf8740307d3efd8f6740f37fbb1a63958981cfaf20b26f75a5c91865
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
61336
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Apr 2023 14:32:22 GMT
wn
prod-dash-10-0-112-97
server
cloudflare
etag
W/"65811-1682519542000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
7c03ee9ecead7150-YUL
expires
Tue, 02 May 2023 00:33:16 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 3324 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.167.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78d23ae6e5e0f82394424866f999a7247b301cb7ccca0fe39ad303121be8061
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTMOCIN8Z60P&templateVariantId=OTVJCMSHZ9BZ0&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_025221b39ae0a88784ea-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
372
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Apr 2023 15:53:48 GMT
wn
prod-dash-10-0-91-29
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=602844
x-optimized-by
_sam
cf-ray
7c03ee9eceae7150-YUL
expires
Mon, 08 May 2023 00:00:40 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame E74D 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3685
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Apr 2023 14:32:22 GMT
wn
prod-dash-10-0-134-216
server
cloudflare
etag
W/"26850-1682519542000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
7c03ee9eee297151-YUL
expires
Mon, 01 May 2023 02:33:16 GMT
slate.css
slate.com/css/ Frame E74D 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://slate.com/css/slate.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f7a04c3013ba1f4f820d0edd71ffb4cbcdd372c619f5a66567a347359174727
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
28
x-cache
HIT, HIT
content-length
2786
x-served-by
cache-iad-kiad7000107-IAD, cache-yul12822-YUL
last-modified
Thu, 27 Apr 2023 18:36:58 GMT
x-timer
S1682901197.631326,VS0,VE0
etag
"644ac0ca-2d61"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
text/css
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
584359, 2
main.css
slate.com/css/piano/ Frame E74D 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://slate.com/css/piano/main.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43695acd4c098054a506d222e398fe54c97f1dced6b3c77a05dfbb36252e38c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
26
x-cache
HIT, HIT
content-length
1323
x-served-by
cache-iad-kiad7000133-IAD, cache-yul12822-YUL
last-modified
Thu, 27 Apr 2023 18:36:59 GMT
x-timer
S1682901197.631074,VS0,VE0
etag
"644ac0cb-15a7"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
text/css
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
544912, 2
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame E74D 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1147826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJSls1Z3BVG%2F9R19uJl%2FHCwiBcMXJXYXZVfI6qjrIc1dpM34su7TwVJji2fQEAFwqmxG9DRJhlKYYHHkjflzmk0F29dXqgNwn88wTlkS4Ao2h7qxoIcaIt2ancUSVCmgFMl0SrcGjng3qaPSzcfN5WKS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d824bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame E74D 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
282474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4t8XX5Dtz5Btul2B94LC0tkZM3MJzia2saD5inD0ousKXevZ%2BuFmHgTmL2mfgPd57%2BSiPcJ7L3bEdw8ZtXIBLvzSzGhsEa6RTGB2uBDSL0IkLp25TuLH%2BY2lu%2FJOz41gKmKgauJbwuNW%2FoBiwaI9WPB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d844bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E74D 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1484575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FqkVsODIlUpX6ksRDhJW%2BtNRygrY5KlENfH29imKeQ7sRy3XTakVAZVjeCJqYp22R1p7BJS7JuMGTVw7iAwYQZuduef%2B0OdH0u%2FHXGxzCZpjMEpA2j%2FvAeDfil3WYv77tZr0Ju4pSSSAVUg160mXZAI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d764bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E74D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1570504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aigWXRoGPUY6jUR1ftgINIK29swb1IgO73rmXb1u5Oy1bZNmSvZZMCuiWvzy0Df5tcMvYlTD488QvJhqoxApsib8chx7RrnLJ%2FEyGSVi0M%2FCpwHjjEf8ee%2F8Xu%2FlL6ojcgjzRFpLN8Of1RVuB1ueduUh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d814bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E74D 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9962483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAoiX7XVW2Xj1vmEkoXzhLinP9vNdZ0UZorjv2O3eanL5Bg9n1nVbW%2FNWib9L1MfLfqBYSCi5xybjunsGK2aJppDxoQvyQeVywieCXaqeExpNT%2Fn3nvvJYFrdj9WbXhlEdXkEKRk%2Fdb4SeDCMoWk0y8u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d914bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E74D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12983011
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fedhY9mgIbZ6RAmeymrRyhOH3YUsi9%2F9MXxWxcgTBDA06dhH2Swh%2B6yZAhO6nLoZzoB4KOIyN95RKce6hz50JG4Xp66eUswthEijRqbJcedANezg7edGt5xPWv%2BAvnQRQEDdgURGYFbYh3GUEu%2Fo4XI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d854bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame E74D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1569912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5NrHkAAlEow81SJJNI2h5miOsE0Vcf4dexZAyJ9CmDoF%2BifC5IVedPJx695hojOTmIZVyV9dlGJSgAN7sdQwGgWVFKHQeTNADb8SS%2Fpbs2P4MEFqVuzdKGOdv8XMCygp8HyogXuG57y8GrTRNz9pRUw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9efd714bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame E74D 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5696325
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oztUmA78ShbEoB9rqYNZutlvb%2F7tfZ8pwlw1d3U4Q%2FUmpdVseKm9tF7MgsZFbF6e0RT0H6UK5dwCKDRKU7mMVe0L45GQDdbk7pWLshSbZWQzXBAMfOq24HK2qfDAUAjdoue1oWQf5IUHcH4AngEorTqR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d8b4bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame E74D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5300466
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ld5264E%2Bv6%2BBFOJPz819Mr4k9T%2Fw8%2FEcpabmEYyOYUPn5Iwp15C2a1RXRtmmSK4KBiHWjC8d7g4HKbPk7A1BVrFWgevmUnQ9BqGZDeenjYGYTp5oRKVqDjCK7oOsqqXDyAcSgDD%2Fx0rK5lhv6sj%2BVc7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d874bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame E74D 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7854737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aYupFwWNBIjPXuKtyEhEfKRsFiQob4xnUJfnIeBYUb6HGWtwYBjoUUcUd6%2FuhNXLUQlmmT1nr1iX63zu4D4Aswi80sGx6lQv5p4BFrYs9raT2hryXAAFFS2W%2FNBDQ02l0wy0Py9BjVgI%2FDoO%2FVmAerQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03ee9f0d794bd7-YUL
expires
Sat, 20 Apr 2024 00:33:16 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame E74D 		39 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=homyv5Uzpu&version=1593110338000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee370285bb332d4c9ca2d23feb450c817824e279b9327aeda0001d83641c12e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MgveytrMWIH
pragma
wn
prod-dash-10-0-85-239
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
7c03ee9efe2d7151-YUL
expires
Mon, 1 May 2023 20:33:16 EDT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame E74D 		64 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=15.167.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4486bbdf8740307d3efd8f6740f37fbb1a63958981cfaf20b26f75a5c91865
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
61336
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Apr 2023 14:32:22 GMT
wn
prod-dash-10-0-112-97
server
cloudflare
etag
W/"65811-1682519542000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
7c03ee9efe2f7151-YUL
expires
Tue, 02 May 2023 00:33:16 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame E74D 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.167.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78d23ae6e5e0f82394424866f999a7247b301cb7ccca0fe39ad303121be8061
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=homyv5Uzpu&templateId=OTP34AB2S6DW&templateVariantId=OTVBLO8G86GG2&offerId=fakeOfferId&experienceId=EXQPH1MM1VME&iframeId=offer_dafb5e5ddc40cde92c1e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fslate.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
372
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Apr 2023 15:53:48 GMT
wn
prod-dash-10-0-91-29
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=602844
x-optimized-by
_sam
cf-ray
7c03ee9efe307151-YUL
expires
Mon, 08 May 2023 00:00:40 GMT
usync.js
eus.rubiconproject.com/ Frame A42C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad153145535384b64b055ab14a32c0078416de71e27b9097e0bb027a5b823a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Apr 2023 15:25:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53566
Connection
keep-alive
Content-Length
10020
Expires
Mon, 01 May 2023 15:26:02 GMT
cx.js
cdn.cxense.com/ Frame 3795 		103 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:49b::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f9a14368257e7ae608b41966f9d8551e61390e593400e69013ea2e39ecd097a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Apr 2023 13:31:47 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34188
Expires
Mon, 01 May 2023 01:33:16 GMT
/
www.google.com/pagead/1p-user-list/794295919/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/794295919/?random=1682901196356&cv=11&fst=1682899200000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&frm=0&tiba=The%20SolarWinds%20hack%20is%20unlike%20anything%20we%20have%20seen%20before.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3228876551&rmt_tld=0&ipr=y
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/794295919/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/794295919/?random=1682901196356&cv=11&fst=1682899200000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&frm=0&tiba=The%20SolarWinds%20hack%20is%20unlike%20anything%20we%20have%20seen%20before.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3228876551&rmt_tld=1&ipr=y
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 20CC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1217742735073133822
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1217742735073133822
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Mon, 01 May 2023 00:33:16 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7502cd43-faa5-4a6c-b1e0-817afd517d07
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=1217742735073133822
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 20CC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_dd10adf0-fccf-44b8-bc31-c7295cd141ec&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_dd10adf0-fccf-44b8-bc31-c7295cd141ec&gdpr=&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b396bfb6-8ff1-4e87-8bea-092305024ea2&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 01 May 2023 00:33:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 20CC
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28gTzE7je0bL3jUrvHvyMB0n67pgETWkxZgBF2JibFImkYPhDkYHbERJzMeIGmk1Ix%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_dd10adf0-fccf-44b8-bc31-c7295cd141ec&obuid=ENC(gTzE7je0bL3jUrvHvyMB0n67pgETWkxZgBF2JibFImkYPhDkYHbERJzMeIGmk1Ix)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LH43X5G9-W-CF1I&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LH43X5G9-W-CF1I&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
64.202.112.127 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:17 GMT
Cache-Control
no-cache
X-TraceId
5bc902a56f80c8908639303f5d737a15
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LH43X5G9-W-CF1I&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
usersync
usersync.gumgum.com/ Frame 20CC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=bcee237b-16c4-410b-8c07-86c6517960ba
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=bcee237b-16c4-410b-8c07-86c6517960ba
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=bcee237b-16c4-410b-8c07-86c6517960ba
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 20CC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187
Date
Mon, 01 May 2023 00:33:16 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 20CC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-BK07ZeVE2pcFTzM0r6Qh22zyj7TYH.le1pCy~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-BK07ZeVE2pcFTzM0r6Qh22zyj7TYH.le1pCy~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-BK07ZeVE2pcFTzM0r6Qh22zyj7TYH.le1pCy~A
content-length
0
usersync
usersync.gumgum.com/ Frame 20CC
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=1608ec07-25bd-4a37-83ed-b449872e489b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=1608ec07-25bd-4a37-83ed-b449872e489b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=1608ec07-25bd-4a37-83ed-b449872e489b
Date
Mon, 01 May 2023 00:33:16 GMT
Connection
keep-alive
X-CI-RTID
ff90e8b3-0e34-4897-98a6-e6d179bad25f
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 20CC
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 01 May 2023 00:33:16 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
335464027
location
https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 20CC 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:15 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 20CC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_dd10adf0-fccf-44b8-bc31-c7295cd141ec&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=HFec2YkIGWgZAP77xHbg&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVEEMZLDGJMWWSKHK5TVUQKQG43XQSDCM4
  • https://usersync.gumgum.com/usersync?b=zem&i=HFec2YkIGWgZAP77xHbg
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=HFec2YkIGWgZAP77xHbg
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=HFec2YkIGWgZAP77xHbg
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 20CC
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=52de0b4b-82e3-4a30-a0e6-78e647fb725d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=52de0b4b-82e3-4a30-a0e6-78e647fb725d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=52de0b4b-82e3-4a30-a0e6-78e647fb725d
access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:16 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 20CC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=n5Rjf5W01gnn&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=n5Rjf5W01gnn&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=n5Rjf5W01gnn&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
usersync
usersync.gumgum.com/ Frame 20CC
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8433210686061420878
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8433210686061420878
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8433210686061420878
date
Mon, 01 May 2023 00:33:16 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 20CC 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_dd10adf0-fccf-44b8-bc31-c7295cd141ec
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YFQB8N2VX31QNTS8Q8T4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame C0F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bk9kT2RoNXFweHpQbUtLcUsxaFdmZw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEME2wRl8BSoc7blc413ATI0&google_cver=1
49 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEME2wRl8BSoc7blc413ATI0&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEME2wRl8BSoc7blc413ATI0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame C0F9
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=61597a5930870564&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAACSpP2su2lggML40bCAAAAAAA&expiration=1682987596&nuid=&is_secure=true
49 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAACSpP2su2lggML40bCAAAAAAA&expiration=1682987596&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAACSpP2su2lggML40bCAAAAAAA&expiration=1682987596&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame C0F9 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=n5Rjf5W01gnn&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0G89T6CBPKJQQCQJXPTK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
906b2a7baed50703db09de97bff4b6a0afda8a6b293c886f1385c0dc93073a16

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
data
api.cxense.com/public/widget/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22neighborRemovalKeys%22%3A%5B%22id%22%5D%2C%22neighbors%22%3A%5B%5D%2C%22categories%22%3A%7B%22testgroup%22%3A%2266%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22LTs%22%2C%22value%22%3A%22notProfiled%22%7D%2C%7B%22key%22%3A%22LTc%22%2C%22value%22%3A%22notProfiled%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2266%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%7D%2C%22widgetId%22%3A%228e845f77d4af91b5755803d1115cf66e6bbf19aa%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22lh43x5i8b1qqhapo%22%7D%7D%2C%22prnd%22%3A%22lh43x5i8mec649df%22%7D&media=javascript&sid=1129570900026411565&widgetId=8e845f77d4af91b5755803d1115cf66e6bbf19aa&experienceId=EX6NH8ULG1D7&trackingId=%7Bkpdx%7DAAAArg_ag_3zagoKaG9teXY1VXpwdRIQbGg0M3g1aThtZWM2NDlkZhoMRVg2Tkg4VUxHMUQ3IiUxODA3a3NnMGQ4LTAwMDAzMXVrbjlmOGJ0dXNjdjIxcHZlOHJnKiBzaG93UmVjb21tZW5kYXRpb25zREk3Rk1CQlgzM1lJOVISdi1rAPAfaTJzZ2ZsN2Q3WhQyNjA3OjUzMDA6NjA6Nzg2Nzo6N2IDZHdjaMy0waIGcAZ4GA&resizeToContentSize=true&useSecureUrls=true&usi=lh43x5i8b1qqhapo&rnd=852616916&prnd=lh43x5i8mec649df&tzo=0&experienceId=EX6NH8ULG1D7&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
52983b3a229336f48187d711ecdf7cc7c45181c253a71ad9ac140c7248b6d9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
3989
expires
Mon, 26 Jul 1997 05:00:00 GMT
cm_:onejs_load_evt@v=1302,onejs_exec_time@v=3,aax_load_time@v=316,aax_load_time_one_tag@v=316,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=1302,onejs_exec_time@v=3,aax_load_time@v=316,aax_load_time_one_tag@v=316,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=6e3232ca-f45d-48fe-9997-1c34e6edf827&session=c2b230ca-d3df-4632-871b-80b38ca8f6bc
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
x-amzn-RequestId
7c5c436c-5aae-46f7-b7a0-414ed41e3490
Content-Type
text/plain
view
securepubads.g.doubleclick.net/pcs/ Frame AE2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst41l5h7xts5syRZJ6Vo8Ugwoi1kX2-IT51WcWdX60BI7mRb2oXsqX1Jm9H2K-Apppb9-Jy3R3CojobIWkUB-G3sGXvXyGILPgUeh3UH-i6dHtORVQBmWWD7FOR21PfJw-UCUY3P0AFUFVawna5F6lZCchDGo9CVgrW5YPldpXe-JwQUs83UZLCkmFwzsheV9_R9I65aPqaaShteWgNdwxdi2FPnqtgZ1TQi5Zn_IqEhLHUC-K14ZIcHcgTtc0sjRGbBQQ7cPSJKUXf4YxXIH0QQkZl9Anz2LFru_yxVnVwlFRok8YiwFr1f8Zpyesy8ayCdjtNZb0zvWm1yF0pEg&sai=AMfl-YQ3BBpooef7UlkEe6y01oPdPzHHeYLfzW8aqhvjh725gDNqtQweKHxYoqkT58L7AQxp-YiegEw74ZeSqDokH1gMwPi_5dCIn0uRXZ1u6biEKxE50yI0-X0OcunF7Hwk5Z-FQ_KQ_egHYYgFs-M&sig=Cg0ArKJSzLAvEh--LomtEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
0d086ffc-9b7b-4bcb-b5ff-3c4ca0e13b01
dcdn.adnxs.com/renderer-content/ Frame AE2C 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcdn.adnxs.com/renderer-content/0d086ffc-9b7b-4bcb-b5ff-3c4ca0e13b01
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
d30c1f95fda4d20f4bca32ed409faacc7d2f8dc719611ccdf480a41550f2b9db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
Via
1.1 varnish, 1.1 varnish
x-b3-traceid
2af488634f371301
Age
70483
X-Cache
HIT, HIT
an-served-by
hbapi-proxy-production-7858c695bd-q7j56
x-envoy-upstream-service-time
7
x-b3-parentspanid
cfb13845abb840d5
Connection
keep-alive
Content-Length
2941
X-Served-By
cache-lga13624-LGA, cache-yul12833-YUL
Server
nginx/1.21.3
X-Timer
S1682901197.788619,VS0,VE1
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400
x-b3-spanid
7e38a16c93989afd
x-b3-sampled
1
Accept-Ranges
bytes
X-Cache-Hits
1, 1
trk.js
cdn.adnxs.com/v/s/232/ Frame AE2C 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Mon, 01 May 2023 00:33:16 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
402658
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-yyz4527-YYZ
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1682901197.782481,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
13, 225164
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AE2C 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 May 2023 00:33:16 GMT
analytics
slate.com/ 		2 B
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://slate.com/analytics?eventName=Ads%2520Performance&eventData=%257B%2522timeToFirstAdLoad%2522%253A1673%252C%2522campaignId%2522%253A3023294543%257D
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yul12822-YUL
date
Mon, 01 May 2023 00:33:16 GMT
via
1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
x-slate-uuid
5cc60596-fc7d-4753-842e-fe2a718225c9
x-timer
S1682901197.726807,VS0,VE0
x-frame-options
sameorigin
x-cache
MISS
content-type
application/json
vary
Origin
accept-ranges
bytes
content-length
2
retry-after
0
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame BD80 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=12f48a0b-0054-49af-8fa5-c71116eb9cb1
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
68JPBCR3WG2D4W98BZAP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame BD80
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
68 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.225.70.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-70-135.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame BD80
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.225.70.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-70-135.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame BD80
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=HFec2YkIGWgZAP77xHbg&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DC...
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=HFec2YkIGWgZAP77xHbg
68 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=HFec2YkIGWgZAP77xHbg
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.225.70.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-70-135.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Content-Type
text/html; charset=utf-8
Location
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=HFec2YkIGWgZAP77xHbg
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
147
Expires
Thu, 01 Dec 1994 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame BD80
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LH43X5G9-W-CF1I&gdpr=0
68 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LH43X5G9-W-CF1I&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.225.70.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-70-135.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LH43X5G9-W-CF1I&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
usersync
usersync.gumgum.com/ Frame 9184
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
Mon, 01 May 2023 00:33:15 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master ord-pixel-x10 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=&gdpr_consent=
user-sync
sync.adkernel.com/ Frame 82AB 		21 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
21
Date
Mon, 01 May 2023 00:33:16 GMT
Pragma
no-cache
Server
nginx
usersync
usersync.gumgum.com/ Frame C8E1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZE8IzAAGrfCaLwAp
  • https://usersync.gumgum.com/usersync?b=atm&i=ZE8IzAAGrfCaLwAp&gdpr=&gdpr_consent=&_test=ZE8IzAAGrfCaLwAp
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZE8IzAAGrfCaLwAp&gdpr=&gdpr_consent=&_test=ZE8IzAAGrfCaLwAp
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 01 May 2023 00:33:16 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZE8IzAAGrfCaLwAp&gdpr=&gdpr_consent=&_test=ZE8IzAAGrfCaLwAp
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12824-YUL
x-timer
S1682901197.830641,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame E9EE 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9kZDEwYWRmMC1mY2NmLTQ0YjgtYmMzMS1jNzI5NWNkMTQxZWM=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:33:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6B94 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32303
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:33:16 GMT
expires
Mon, 01 May 2023 09:31:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 2BF3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=2ceafc3a-8e26-4266-b01b-ef810856e5c7
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=2ceafc3a-8e26-4266-b01b-ef810856e5c7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Mon, 01 May 2023 00:33:16 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=2ceafc3a-8e26-4266-b01b-ef810856e5c7
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 75E9
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZE8IzcCo8X0AAIOrpPkAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZE8IzcCo8X0AAIOrpPkAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:17 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 01 May 2023 00:33:17 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZE8IzcCo8X0AAIOrpPkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40135.dc2p.scaleout.jp
X-SO-IP
149.56.153.187
X-SO-Key
ZE8IzcCo8X0AAIOrpPkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"149.56.153.187","key":"ZE8IzcCo8X0AAIOrpPkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40135"}
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40135
rum
dsum-sec.casalemedia.com/ Frame 9CBD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&expiration=1685493196&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&expiration=1685493196&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&expiration=1685493196&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 9CBD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDGYkLx42Hy9ir88uTfR1Kk&google_cver=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDGYkLx42Hy9ir88uTfR1Kk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDGYkLx42Hy9ir88uTfR1Kk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9CBD 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
513E1HHZP6WENQQTTC2H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9CBD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE8IzFXUuxVLPNY5y8A8iAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELE4Gtoahdz3-DGzHS5l0tk&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELE4Gtoahdz3-DGzHS5l0tk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELE4Gtoahdz3-DGzHS5l0tk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9CBD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=l5KSg5GexYeMw5CGk5-LhpmWntyMx5SDkJQiGG0Y
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=l5KSg5GexYeMw5CGk5-LhpmWntyMx5SDkJQiGG0Y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=l5KSg5GexYeMw5CGk5-LhpmWntyMx5SDkJQiGG0Y
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9CBD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259157762175
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259157762175
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1771
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259157762175
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c03eea23d62ecee-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9CBD
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=69a0fa36-3253-43ca-8d85-307195cd265f&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=69a0fa36-3253-43ca-8d85-307195cd265f&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=69a0fa36-3253-43ca-8d85-307195cd265f&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Mon, 01 May 2023 00:33:17 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 9CBD 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
56HQB3FP3M7RHMRQ19S8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 91D4 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=GkehhPZHZHsGau6qT6if1y1n&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P4NZ99WG2JZ9WD6QD9X1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 91D4
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=1217742735073133822&gdpr=0&gdpr_consent=
43 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=1217742735073133822&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 01 May 2023 00:33:16 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
36a841fa-b4ad-4f38-8041-e222406f3584
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=12&3pid=1217742735073133822&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 91D4
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1682901196715&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=E221993AEBB24A2B8493EE00CA67D0D7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=E221993AEBB24A2B8493EE00CA67D0D7
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 01 May 2023 00:33:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=E221993AEBB24A2B8493EE00CA67D0D7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 30 Apr 2023 00:33:17 GMT
merge
ce.lijit.com/ Frame 91D4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b288d4ed-1a7a-4989-9a3a-da6049374581&expires=1&user_group=5&ssp=fmx&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://ce.lijit.com/merge?pid=26&3pid=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=
Date
Mon, 01 May 2023 00:33:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 91D4
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=kDiH9pY00PKLaYXzlDWe8548i6mLbYH2lz7aycZs
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=kDiH9pY00PKLaYXzlDWe8548i6mLbYH2lz7aycZs
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=kDiH9pY00PKLaYXzlDWe8548i6mLbYH2lz7aycZs
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 91D4
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tlaGhQWkhaSHNHYXU2cVQ2aWYxeTFu&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tlaGhQWkhaSHNHYXU2cVQ2aWYxeTFu&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H3
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 01 May 2023 00:33:16 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tlaGhQWkhaSHNHYXU2cVQ2aWYxeTFu&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
usersync.gumgum.com/ Frame 65D7
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_dd10adf0-fccf-44b8-bc31-c7295cd141ec&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=f0b70f73-cbb2-4720-91cd-e39926ff3dec
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=f0b70f73-cbb2-4720-91cd-e39926ff3dec
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=f0b70f73-cbb2-4720-91cd-e39926ff3dec
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame F818 		43 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:16 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 12BA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=RDgIAw7H5oEzuDq18Bgx&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=RDgIAw7H5oEzuDq18Bgx&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:17 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 01 May 2023 00:33:17 GMT Mon, 01 May 2023 00:33:17 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=RDgIAw7H5oEzuDq18Bgx&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 2B23
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:33:16 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 01 May 2023 00:33:16 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
PugMaster
image6.pubmatic.com/AdServer/ Frame FFF4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79101049&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
751718bb402b4053f424abf4b3ca2d2d984e07cf8027b75c344272556e5f7a0a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 30 Apr 2023 15:17:23 GMT
content-length
1677
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 4656 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ogury.com&id=67e2524c-7ab9-4b1c-b099-904da00ff08b
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SGH55EJYGQ9W9GTWA9W8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bid-switch
ms-cookie-sync.presage.io/v1/init-sync/ Frame 4656 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/v1/init-sync/bid-switch?iab_string=undefined&web_uid=67e2524c-7ab9-4b1c-b099-904da00ff08b&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-28.ewr52.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:16 GMT
Via
1.1 96457af3f289bfa24042a3475201173c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR52-C4
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Wed, 18 Jan 2023 13:45:37 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
T28k_3byj4VgGgFEVQ5WjbpStAXkrBRIPmkdGtFjO6W-MN_HTuqiag==
Expires
0
init-sync
ms-cookie-sync.presage.io/ttd/ Frame 4656 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/ttd/init-sync?iab_string=undefined&web_uid=67e2524c-7ab9-4b1c-b099-904da00ff08b&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-28.ewr52.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:17 GMT
Via
1.1 96457af3f289bfa24042a3475201173c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR52-C4
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Wed, 18 Jan 2023 13:45:37 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
NjvyfjkeJCRvLAvDM9rBKKfy0L6ugZi3Cj0sogdNDwsChwsWm3-WtA==
Expires
0
init-sync
ms-cookie-sync.presage.io/xandr/ Frame 4656 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/xandr/init-sync?iab_string=undefined&web_uid=67e2524c-7ab9-4b1c-b099-904da00ff08b&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-28.ewr52.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:17 GMT
Via
1.1 96457af3f289bfa24042a3475201173c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR52-C4
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Wed, 18 Jan 2023 13:45:37 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
-bamREkPqg1m_gYao_ZqZ3b9qtAN3PTr0bIXiPY1ml_Kic_d3hUrfg==
Expires
0
cs&eq_cc=1
um2.eqads.com/um/ Frame 62A7
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.84.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-84-78.compute-1.amazonaws.com
Software
/
Resource Hash
04aad4af266d83216ac5e9c795a149c5817436c3c420e87960513986eb302692

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:33:17 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 01 May 2023 00:33:17 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:33:16 GMT
location
/um/cs&eq_cc=1
audiences
api.permutive.com/audience-matching/v1/id/0fbc5f50-41d4-4212-87b7-0d26e0d452d3/ 		12 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/0fbc5f50-41d4-4212-87b7-0d26e0d452d3/audiences?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:16 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
p1.js
p1cluster.cxense.com/ Frame 3795 		47 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
794008db76499ecb1406d0c4e1b721417674a0dde9e42e15e63c0cd5ad3e862a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
last-modified
Tue, 01 Nov 2022 00:33:17 GMT
server
Jetty(9.4.28.v20200408)
etag
3qn48g6rgpmwd11nb2x1s0a48t
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
47
expires
Wed, 01 May 2024 00:33:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F858 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupy8WW-K9CBleGas-asBL1Y0RkGbbt9o8LNmla2dpW3MWIC0j2iSDk5xGYqILdHeVvmIZn6RaV4BQk9htlIrzcBlZS-2wJaOv0r-8HR3fDEAZ1dmfrVK8xZmmq8hK28mR-TxtLPf8mxp5fbRn8I64WoiGH3dB4DsWK9rubHl_CRgSCw9Cj_xMmHTRx5Gpm6krewWtFet9F_twGqdarHx3GgSspzTwNRPQrpGdrk3k6kS4IjkBXjBhdkDLVEXFVzpgcOob_b4Hf7iH41xTO0-9EI8yW6Q5yQAWoZaKvdXSlZVZGkAj9pZMLfqny0tW9-GJ2h82rW0c4-5wLrKSl0A&sai=AMfl-YSz4aFT15cUZ_xkK4_gnJLmf4PvXlB2lSm95yBPbIG0uInSeViQzAGW5Yk8obp4YmP4IsfkuWFjGr3EjKDH2lBW9HeniU49ROSL4UHlttEtHUY2K74blI2LcoFDTihiDW8kuC-rrOznuiyLgiw&sig=Cg0ArKJSzDNIZvFr8R_-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1cf58be1-ce78-42f3-bebb-e8207b2f2bf3
dcdn.adnxs.com/renderer-content/ Frame F858 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcdn.adnxs.com/renderer-content/1cf58be1-ce78-42f3-bebb-e8207b2f2bf3
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
1e8d857c74c9944446ff9e0891f27d886abd5ea32ed699a9d78e2ca5892798a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:17 GMT
content-encoding
gzip
Via
1.1 varnish, 1.1 varnish
x-b3-traceid
0f277ffd7fd1993e
Age
18411
X-Cache
HIT, HIT
an-served-by
hbapi-proxy-production-7858c695bd-5rbcf
x-envoy-upstream-service-time
7
x-b3-parentspanid
ffa818efec425556
Connection
keep-alive
Content-Length
2951
X-Served-By
cache-lga21948-LGA, cache-yul12833-YUL
Server
nginx/1.21.3
X-Timer
S1682901197.050313,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400
x-b3-spanid
1e9ca6b1f3e454c0
x-b3-sampled
1
Accept-Ranges
bytes
X-Cache-Hits
1, 2
trk.js
cdn.adnxs.com/v/s/232/ Frame F858 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Mon, 01 May 2023 00:33:17 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
402658
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-yyz4527-YYZ
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1682901197.052345,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
13, 225165
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F858 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 May 2023 00:33:17 GMT
op.js
tagan.adlightning.com/slate/ 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/slate/op.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b505e3b944af95571915802e44a7dd6e4f91667f50e0fb5446a734c6e4558b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
D9CU0osRanzM43ThrRr8Md1u.A94mBme
content-encoding
gzip
via
1.1 b364a698bd3b40fc657ca5500f6818ce.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 23:56:07 GMT
x-amz-cf-pop
EWR53-C3
age
2231
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
16478
x-amz-meta-git_commit
8db6969
last-modified
Sun, 30 Apr 2023 02:55:36 GMT
server
AmazonS3
etag
"930a7904d699713592d3f4eb29d029d4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
DKNV7V5Gc-jsn3y4snjhw6PYqX85Pa77bpc2QFpW3RAuEhBbmJNO6Q==
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 3324 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
3674
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
last-modified
Wed, 26 Apr 2023 15:53:48 GMT
wn
prod-dash-10-0-134-71
server
cloudflare
etag
W/"2177-1682524428000"
vary
Accept-Encoding
content-type
image/png
server-time
0.001
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
7c03eea1cb7d7151-YUL
expires
Mon, 01 May 2023 02:33:17 GMT
resize.js
slate.com/piano/scripts/ Frame 3324 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slate.com/piano/scripts/resize.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90816272c28c1206d19bfa325b59453979c1dac41b9e527bb345106ef4dc8452
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
26
x-cache
HIT, HIT
content-length
1490
x-served-by
cache-iad-kcgs7200174-IAD, cache-yul12822-YUL
last-modified
Thu, 09 Mar 2023 17:02:57 GMT
x-timer
S1682901197.098250,VS0,VE0
etag
"640a1141-df5"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
985905, 3
r
shftr.adnxs.net/ Frame AE2C 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shftr.adnxs.net/r?url=https%3A%2F%2Fd2cli4kgl5uxre.cloudfront.net%2FML%2Fs_150x150.png&width=100&height=100&crop=1&bidder=529&buying_member=13368&selling_member=6939&creative_id=373358055
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.38 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
shftr-nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
49dea5abbe9daa28bfab55a3ee386818f458e870f713e2146dc8ecbb3155a440

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:17 GMT
Server
nginx/1.21.3
Connection
keep-alive
Content-Length
9144
Content-Type
image/png
get
choices.trustarc.com/ Frame AE2C 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-93.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sat, 01 Apr 2023 23:54:52 GMT
via
1.1 ef24c2f85065aa2c39cf270c915f3398.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
JFK50-P2
age
2507905
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
N_9YHSQo6j3PA5xIfBIrUMeoqG_kgZEzFYt4AP8G8rwkB1eSOw8KfA==
expires
Mon, 01 May 2023 23:54:52 GMT
r
shftr.adnxs.net/ Frame AE2C 		720 KB
720 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shftr.adnxs.net/r?url=https%3A%2F%2Fd2cli4kgl5uxre.cloudfront.net%2FML%2F861c26d9c6fbc1da1d81ce063994bc39__scv1__1200x628.png&width=1200&height=627&crop=1&bidder=529&buying_member=13368&selling_member=6939&creative_id=373358055
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.38 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
shftr-nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8e2ca51357c1963264828b8b8546b6a500a11f7a3b84204d2b35f4fc35ae3f4e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:17 GMT
Server
nginx/1.21.3
Connection
keep-alive
Content-Length
737394
Content-Type
image/png
ic
trace.mediago.io/ju/ Frame AE2C 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace.mediago.io/ju/ic?tn=fd2c78e45533ef29df88e75fbc16275a&trackingid=13458c06038314763e4e7d692d2d5e95&acid=348&data=-DJJ5afaeVW3-vJ-HArGw_oJNQkT0vuPG8SLUm1TDVDheYaCncac6arDH0sjwrHbWLwTzjhnCSbPnZLW4G3n_V5DPoGTrlQdElNbXyVOFSZtrUOw69zavmZn2bL_Vpi-Gy0nhAIGivMjGttMiVrKrtTtOr-AZlVPHitn1cxZEZ-71a3UfeHdDL4dV9cfxahDdpjNEzG0PUj0GRknQSWIuyJCXMmYU2ah_92HVBjZxZ9sW3MSUTsjJuP2uS1e5I3iRRAACkba-HyR5W2XWC026virbI-BwWEjQAwby78Bdd3JqdvnBaavC5Jjh7x-zk6TXvkUOaQLhGdBRFYQysL1rKYqpx-Pm-tciszQ3qP9nfSE7XrGl6q5siPh50NY3VELG2eQtO9rF7pNfMvC28y_TM8pTmfpAXJYt8dOFLc4BLtsKOPkJqWt9ervj6o0LqeeMnvfBuFhPAoI0rnm9YZgBh5JFFN6Pt72Q3NIRErYY0i-pg0csPumgsPMtSDfIz9ghc08wgcBRrGaJ5BHqDtZOU7zqxk7RAvqh-_QeEX7bGwY1c9cAp-B0VjMgOVdMMETicaC4vUs-7JLfPrjcvDFTJkukb0ozqJclPVnbSJGU0x0FJA5-XhUPeIgOeXfaU6jKToWIXOeYeK_ac5tMd3cewthkubq-VqRLwAsYaXIuK-59lDGsa1YsB0OnC22n6Yt4rSIvWl6eAy3Wj2vbelnOOwvsnrrmb235vCXeN9OdLqKAV9-JcP9f519HmdXmpQGfxLzMDKT87BG3d4grHp0jJTegQEk63XhWFSQmer-9dGyK5JbRji0T0HzbEQZ0D9RP3Wc5_Dh1MNmWn84uxGK-4XYAbLLlko_dTxkh6T1X96aTflJWvQsjh6VVh-xUwDplTfczEkQw5lut62RYbPxeUVw-pvIB6G_FTRMB63We-O0xhcl7Zky1db6M3UtfWL5feW5_v5-MrIaqYQLaie4LbBhLDT6mPGm4l2RXByDNSt4Rb-OaDMl5RR29tU3Vw4weogdz5mi3yEUnLkCAFJDFQ&uid=mid_a2262c59c860750e8a505af52531d3c6&mguid=&ap={AUCTION_PRICE}
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
setuid
ib.adnxs.com/ Frame AE2C
Redirect Chain
  • https://trace.mediago.io/cs/xandr?rdid=cbb5b480f497760b2fa80d45137584a0
  • https://ib.adnxs.com/setuid?entity=529&code=86d0265f255686f2b6858b82dd891b02
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=529&code=86d0265f255686f2b6858b82dd891b02
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
AN-X-Request-Uuid
18ab37df-4ca1-4535-98c6-0403a6ea1ecc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/setuid?entity=529&code=86d0265f255686f2b6858b82dd891b02
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
content-type
text/html; charset=utf-8
it
nym1-ib.adnxs.com/ Frame AE2C 		0
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&e=wqT_3QLGFejGCgAAAwDWAAUBCMuRvKIGEIHZxo2L-MDBDRgAKjYJgCctXFZhwz8RQLtDigESvT8ZAAAAIFyPH0AhQA0SACkRJNAxAAAAgBSu5z8w5-b0BTibNkC4aEiRBFDn-4OyAVj410BgAGi_41l4ldgDgAEBigEDVVNEkgUG8JWYAQGgAQGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAu9E4ALY0TXqAk9odHRwczovL3NsYXRlLmNvbS90ZWNobm9sb2d5LzIwMjAvMTIvc29sYXJ3aW5kcy1oYWNrLW1hbHdhcmUtYWN0aXZlLWJyZWFjaC5odG1sgAMAiAMBkAMAmAMXoAMBqgOIEQrfEGh0dHABZfCwdHJhY2UubWVkaWFnby5pby9hcGkvbG9nL3dpbm5vdGljZT90bj1mZDJjNzhlNDU1MzNlZjI5ZGY4OGU3NWZiYzE2Mjc1YSZ3aW5sb3NzPTEmaWQ9Y2JiNWI0ODBmNDk3NzYwYjJmYTgwZDQ1MTM3NTg0YTAmc2VhdF9pZD0ke0FVQ1RJT05fU0VBVF9JRH0mY3VycmVuY3k9JHtBVUNUSU9OX0NVUlJFTkNZfSZiaWRfMjcADEJJRF8BNghhZF8yGAAAQQkXBZMMJmltcAEeZDk3MzYyNjA3MDU5MTk3NDUyOSZwcmljZT0kFYbwT1BSSUNFfSZ0ZXN0PTAmdGltZT0xNjgyOTAxMTk1JmRwPThFRXJmSHdjYmoyY19vWnZjUWhSMzhGSVpRZ1RtNHZSdmdUWW0zQmJBZ3cmZHNwAXf0RQgyMiZ1cmw9TVhPUWxZZzVkRmhoZW1UOWhiLWVpTnBoZWFwLVh5V29ZTXN1NmpiQnlBTWMxUkI0aHRhOHlIQmp0SW1kYXNrODd4S3FjcG5nOUFfRFAteEdMQWV0SElibzRBQVpnZWFVeE5WYjgwSzVWSTkzcDM5d3pJWWc1UTlkS09RUHlldURUQTR3c0RWM1JBWENJbnZRaWpaSHowaEY5VlFZUWZEWEh6N09mWDBJNF9yQ0twRTBkMFJZakdPMlhzeVNYMGlTYUNvUDVJdFQxZXhNdk8teTRqdHVzWnA5LVBoZmNjMW5DcHM4TW9BYzl3VkVUcHR2eGg5dG5YSThhZy0tWWZxZ3FrYlJ4ajl5YjRyVE5iRlhIRDBFQnBtTkJ5R29CZ2ZDb2VCMjFMM0UzbHFKcFN2VFNtY2dPTmp4cEJuS05CZW1QcnRsR1phbnVnRWFUb0RGRnkya1hIWEhPc2lxNHo3enQwMHFxRWlUck1ydTRNWWhuMlYwdHhIQ3g2cjdmR2RoNlBta2R0eGVWaW9ucjQwMm82VmY4LUhJeVF4SGVZQVpmZzJYVFNHQ1JqTElCVkF6Ym4yaUdsZ3BxXzE3anAwaE1WZ1FwM2xOY2JkcS10cFU1VW93dXE2TFhtV0Zvc0VNR01qelpsbzczX1pqT3NpaEJITzN1TGV2TF84dnFfSFBOeTZ0R3NRbUxiR0ZYcm5CMExwdTB0RWZjejhKc3hlTksyMXlmamFhUklpeG4xaXVZeXZZU25KOEhIMS1lZU1MdTBLTzNiSlNPVmlicDA3ZUo4LWFZRFFLZ3Q0UVAzU0pUUHFNdjFkbWpPQU1tSWd2bVNqNW85aXhLY0tCVzNPMEJTR1Q2QmQ5YmZGWlhqN29KQWVzcllRbnZ0dnBHSEcxLXpLYXA5dmhTdURtOEpUNFhkcTZZSnlGdmtCZUtYSWtqQ0tYT3dCWkVBUF82YS1YZHI4TVI1WEhzNHJGbGN5cDJwVEt3OVh3VVRRcTRRNHdja3U0S19iQnJvdVVHaFZhTkRpd0N6R2tYdEh0cl9xN045NHFwaWZkV3NVOXloX2FfMzk4d253NHZTTFJ3aHFMcGF4U0RLbTQ4d21kcnYxS0xGd0FuRFVZbEtZU2FFQmVDdk4zQ1hMb28zRl9FSXJENG5TYVp3c1pHald1ZmQxN0V0QUowTmxXRjhrT0I1MjQ5T2pLb3NVZ3JGT2JwdWtHRHd2VmxVUVFsWjVXMjNjZ1U1NVhWSVVzZkJGODluRHhVanUxd0hnNlp0WDdVdzFSZGMtZ3ViV0dLWkJaU2tTc0xoaXRXc3czMjFrOUNSSkJYY0pHeEo4ekY0bTk1Y3JoTkUtdUQ0UzlVYjcxbnNDajhHMWNqZ1hSY25zVVRva0R6T1c3NFR6dUNtT3hIdEUtTy1OdjlCSXBMOUZNVEtaOVQtVlVmS1BHMlo3U1p0ZEFsbUE4cE1ITG1RUjZ1bC1LeW5lb2NRZE1pRVhjWkN5QmYtRTY3WDFyRjkyb3Z6UUJLVmUwbTBIT0pxbGxDSUR2WTFTZzJzWHpmRzFmdWRlUmVFbWRzWUg4b1VpZFVBTW1xOHBWRDNoUHFYVkhiSWJfNi1Ycm55b1VxWDhYWWd0bU1ZbldjYUFrSmpVbHJnSnhpM29QS1pXVnEtS1dZZUNucXY4RGUzR2p0LXJoYUwwaDNCbXRxY1J3WUhKZldYdkZsRy0zcEE5MUhGUllVdjlkNjBHNDB5WnpBQnhkNE5kazc3QmdGQUVSUjRueDBpczBxREZkRFFQS25UNmg2WV9rUEpqNmxQaGRiMDlWaU9Baml2QjVlOHA1T3hwNjkxaWcwXzdYYWxLdHJHVUwzNksxbTdsNkRGQ2cteGVucmdMbTB3NDlTdnhMM0diandtV3FFQzIzbk9kY0JsNmRJUl9oa3NWcGVpd2FNNFNVcEt4TmJ3Sjg2SGUxT3dvRVhPQ0NtWDRtcGw2azByc1d4ZjhjRWdWYnNRVTBSLXY1Y2pjQ3JiOGJHdEhRRjlvZlVoWDY3V2dGU0x6TGJqMU9ZaFhLMlhXYlJMQkN6VnNtSGhsN1JXMHMzR3dTcWZPSW01U0twMGt6NHpDS1QyVkZvRDdEdkhBekdyOVZNRGE3QXp6N0wzUFplQjRZLUZmREpUbGRVbFVjbGxNUTBwYkxPeFVjWEg5SWh0ZGdveW00N3FfR1NPSmVLcXprUTBjdEZpcFNwbWpaTG4wMGlyWW5ld2l5X05GZzhBNzZoNGZRcEI1V19DN2RfS3YyeU5Jank5Wlk5cGZhLW5PcmZvWS05R2VqJnNwPU9wcFFuV3NVb3lpVjduZnpSb2dSXzlTUEZNV2Z6TEkxNHBZajZMTzRCaGsaEjk3MzYyNjA3MDU5MTk3NDUyOSIJMzczMzU4MDU1KgUxMzM2OMAD4KgByAMA2APUGeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDkuNTYuMTUzLjE4N6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABKGv8RPIBADaBAIIAeAEAfAE5_uDsgGIBQGYBQCgBYCLwZPv6MzgScAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaWPHvoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGDPIGAggAgAcBiAcAoAdBugcIKgQxLS0tQAHIB5XYA9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHkYAIiggCEACVCAAAgD-YCAE.&s=b0dbb53fe7a13b3f70100a54d973e891f6a9c2a3
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
AN-X-Request-Uuid
69892a04-c4fe-48a6-8454-366c2b42f8f7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rd_log
nym1-ib.adnxs.com/ Frame AE2C 		0
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&e=wqT_3QK9BOg9AgAAAwDWAAUBCMuRvKIGEIHZxo2L-MDBDRgAKjYJgCctXFZhwz8RQLtDigESvT8ZAAAAIFyPH0AhQA0SACkRJNAxAAAAgBSu5z8w5-b0BTibNkC4aEiRBFDn-4OyAVj410BgAGi_41l4ldgDgAEBigEDVVNEkgUG8PWYAQGgAQGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAu9E4ALY0TXqAk9odHRwczovL3NsYXRlLmNvbS90ZWNobm9sb2d5LzIwMjAvMTIvc29sYXJ3aW5kcy1oYWNrLW1hbHdhcmUtYWN0aXZlLWJyZWFjaC5odG1sgAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA9QZ4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg3qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEoa_xE8gEANoEAggB4AQB8AQlGFiIBQGYBQCgBYCLwZPv6MzgScAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFpY8e-gUECAAQAJAGAZgGALgGAMEGASEgAADwP9oGFgoQCQ0ZAaAQABgA4AYM8gYCCACABwGIBwCgB0G6BwgqBDEtLS1AAcgHldgD0gcNCREzATEI2gcGAWRwGADgBwDqBwIIAPAHkYAIiggCEACVCAAAgD-YCAE.&s=837492a4f7130f3602e00f3e09fe0496fe057a21&bdref=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html,https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
AN-X-Request-Uuid
2a2e789a-026c-47f8-bdb6-c4de2f5c3f73
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame A42C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LH43X5G9-W-CF1I
  • https://s.amazon-adsystem.com/ecm3?id=LH43X5G9-W-CF1I&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LH43X5G9-W-CF1I&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KMXPWF8NJ7PXTY2YKNJ2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LH43X5G9-W-CF1I&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
usync.js
eus.rubiconproject.com/ Frame 2B23 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad153145535384b64b055ab14a32c0078416de71e27b9097e0bb027a5b823a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:17 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Apr 2023 15:25:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53565
Connection
keep-alive
Content-Length
10020
Expires
Mon, 01 May 2023 15:26:02 GMT
crum
dsum-sec.casalemedia.com/ Frame 62A7 		43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=1fc3b8ec-2a9c-458c-95e1-e53b1ec79c28&expiration=1690849997
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/132128.328.0/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/132128.328.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230430-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be95fcfef8b782ee5f2f61a4adf5bb27d8139812d7640137e1f8f12d41a4073b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
YUL62-C2
age
1094363
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
31019
x-served-by
cache-yul12827-YUL
last-modified
Wed, 29 Mar 2023 13:57:28 GMT
server
AmazonS3
x-timer
S1682901197.170896,VS0,VE0
etag
"5f6b2fb433978f2d58314fde76eba0f6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
3bk1jD7SZbLkA1OzRKgHtzcbXbaLESOQSqKnMLr2lUsNzM-VdLFBCA==
x-cache-hits
3751
feed-card-placeholder.20230430-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230430-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/slate1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23c26d8e75b895a0deb75d2a9b46009909443f15e4c8fbef235646d77ad6cf15

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
XQVneiyMmOWWIyDcFYcrDJwLjiDMYatA
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 May 2023 00:33:17 GMT
x-amz-request-id
96XR7SMAS6NS7X1B
age
38332
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
ArfsdC8yEUGfRQeQ80h5NNNItbXgZfkmiV0Z14ooDdDGFPlCH++xtbiUb5Q0WZLuFqvMuCknmik=
x-served-by
cache-yul12827-YUL
last-modified
Sun, 30 Apr 2023 13:54:25 GMT
server
AmazonS3
x-timer
S1682901197.170898,VS0,VE0
etag
"7e229a55926e0d2922e3a368d403d1f2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
44
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
60168
cta-component.20230430-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20230430-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/slate1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6616496a4b1ddc301855b25aa43ec6cf0c7b1e0a8bf98d7a30dc517965589a3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
eBFOjPEkl6X8AyTz3s6SyFp6El5aLnQj
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 May 2023 00:33:17 GMT
x-amz-request-id
YR7RRV888Z6BPP8Z
age
38340
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4738
x-amz-id-2
W4LugnVMTRIE/WkI+Zky0jKoeuUZKhf2UZt0rSz0fqztDKwg1KmamSDPtFgdIxovv1usL3+hET0=
x-served-by
cache-yul12827-YUL
last-modified
Sun, 30 Apr 2023 13:54:17 GMT
server
AmazonS3
x-timer
S1682901197.191721,VS0,VE1
etag
"8ec4679bb946735747a68870b23b5bc4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
44
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
62924
userx.20230430-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230430-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/slate1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
027e2f36b05f1dff9cf6dde6bd1b74f3239460a8a05660bbf7620e2cae2292a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
yW5yJ4Jgy8H43vcQt_ISVJ_GtabPUWOI
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 May 2023 00:33:17 GMT
x-amz-request-id
FWC9HQERNSN2QWCC
age
38304
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
Shv7I2VRnww6mjxZMSmmyDoV7Bz+1pabVZLcAM5mllCZpZXgQqs6VzgAuj58iv+P5hvPsDQsuh0=
x-served-by
cache-yul12827-YUL
last-modified
Sun, 30 Apr 2023 13:54:53 GMT
server
AmazonS3
x-timer
S1682901197.191678,VS0,VE0
etag
"094f4927b5e22bfaba47a2bfcdafd2e8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
44
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
19746
abtests
us-trc-events.taboola.com/slatecom/log/3/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/slatecom/log/3/abtests?route=US:US:V&tvi2=9515&lti=deflated&ri=bbb524bca7c41ee8a97012bdf10e7fa4&sd=v2_49c8409ea71d2a4c0b754867f499a77a_66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b_1682901195_1682901195_CNawjgYQrZlcGK-56aX9MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB&ui=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&pi=/technology/2020/12/solarwinds-hack-malware-active-breach.html&wi=6218247875461064117&pt=text&vi=1682901195951&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1682901197170%7D&tim=00%3A33%3A17.170&id=9967&llvl=2&cv=20230430-1-RELEASE&
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 May 2023 00:33:17 GMT
x-amz-request-id
ZH2PVC903TQ3Z2Q0
age
96
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
pKSMuS4wKAGM/N+t0zEUA35DhHVieMgULngVBxM+j81kGtIjIIZ4tIPZmrm1jM6cxlZhvrIqMe0=
x-served-by
cache-yul12827-YUL
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1682901197.208976,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
44
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
160
resize.js
slate.com/piano/scripts/ Frame E74D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slate.com/piano/scripts/resize.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90816272c28c1206d19bfa325b59453979c1dac41b9e527bb345106ef4dc8452
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
26
x-cache
HIT, HIT
content-length
1490
x-served-by
cache-iad-kcgs7200174-IAD, cache-yul12822-YUL
last-modified
Thu, 09 Mar 2023 17:02:57 GMT
x-timer
S1682901197.276580,VS0,VE0
etag
"640a1141-df5"
x-frame-options
sameorigin
vary
Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
985905, 4
get
choices.trustarc.com/ Frame F858 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by
Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/1cf58be1-ce78-42f3-bebb-e8207b2f2bf3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-93.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sat, 01 Apr 2023 23:54:52 GMT
via
1.1 ef24c2f85065aa2c39cf270c915f3398.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
JFK50-P2
age
2507905
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
KBMi2QPfYDIoRDGbdQz55_tkv-KmK0GUNwgXvr_YWb2iyXHCQgRQuQ==
expires
Mon, 01 May 2023 23:54:52 GMT
r
shftr.adnxs.net/ Frame F858 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shftr.adnxs.net/r?url=https%3A%2F%2Fd2cli4kgl5uxre.cloudfront.net%2FML%2Fd_150x150.png&width=100&height=100&crop=1&bidder=529&buying_member=13368&selling_member=6939&creative_id=373360372
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.38 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
shftr-nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d46ba5ea289156f6683267bfa1e60671ef1d4d0594da3110eb74fb18e4e7d65e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:17 GMT
Server
nginx/1.21.3
Connection
keep-alive
Content-Length
8309
Content-Type
image/png
r
shftr.adnxs.net/ Frame F858 		720 KB
720 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shftr.adnxs.net/r?url=https%3A%2F%2Fd2cli4kgl5uxre.cloudfront.net%2FML%2F861c26d9c6fbc1da1d81ce063994bc39__scv1__1200x628.png&width=1200&height=627&crop=1&bidder=529&buying_member=13368&selling_member=6939&creative_id=373360372
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.38 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
shftr-nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8e2ca51357c1963264828b8b8546b6a500a11f7a3b84204d2b35f4fc35ae3f4e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:17 GMT
Server
nginx/1.21.3
Connection
keep-alive
Content-Length
737394
Content-Type
image/png
ic
trace.mediago.io/ju/ Frame F858 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace.mediago.io/ju/ic?tn=fd2c78e45533ef29df88e75fbc16275a&trackingid=7ca828477b44de3e5be238bce91f0373&acid=348&data=66Q2zraQ6ch22NnjvH4OCeLEv0HWgRXgHQZDcilxmBRGtY9rYK7UKA2XqPKH6z0j89a1c7ZYUdhnVyeNHpzGy-fKJV_5Okhbhr-mPbHqtVgStXJD-Ds_0Lcylbx8_WmfBa-pBTyqamjsob0T4yt5F6NdDnWLDVUJ1G3VYABRkX1zFmU9eMjGudmHvUsb44S-ehRsWlbBhVj5v-PEJn2gwN0MyW2SEEOVqyAfXhO3Yv6YxzlaKJCNMjf95TN-Oz0OqmmIppG0nxhpKOZfWh0wzdtUN5J7zV1Bz2y1cUmGVbV2syVRwKFoa7RHTvd4w-oM2Vc0q7rTwI8A8r8UWYD69zRKpPN58CS8b9kaM3LOL2QjinWvPf6lCUBNTYuGBTdsRHhzcG7tGDxjNnllYmUT0TNgfVsS2FCKO4berhW1psQZAALnR4b4A2lyZ9eb3UzXwb91gOoU8NUh0Kuv0oyAMD-6m5EE8CiPfM9O1cai1aXkvbGxAunjkzV8v-uNCu_a5qtf4agta_aAby3XpbVupqLrQ-CHCbfOVgzMqd1IjuZqFlsq9iF9FWDLBn2bRRv8nDEXYCPhb5qa8Bnnm-V8Fen8W5C9rWZpCyWKGmj3h-T9IGkLz3jyWBybdNxfaAbY_C2KSo4g5qlHwQ6PuoWwkeZBuM0UspaZ823uA0sIZv12y9bfyhKZ0a0eC7F4Mr8iVpRdFhKVuAbSPhu4nvNPOht3DnvcD2U14bcPKON9CcttfrUoPGGDi0BJ-hfjuYDM5sAGoFUH9NjWEx_irJYQ7H-6j1JKjKDAYAo4d0bHeIQWhRvcV2s_IdBs8JoZNUgklqcmQ4Ecns84H3djZR8vriKoo5PF7C0msg3ml_aVsjQLQ-VUGhM1MsaVH3oVPmzNitnPsYfO8HeghHDYGtjf_O20ktcQtVfgqzUZ0KSU3V-oUOS5wQe1M_7Qfv_qvYDudUr7VWqGRuCdBiP8f7fJUPBuDUCaxDeBrspA3O73VYVWGdwi6MUnGPlihXNAgcIo&uid=mid_a2262c59c860750e8a505af52531d3c6&mguid=&ap={AUCTION_PRICE}
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
setuid
ib.adnxs.com/ Frame F858
Redirect Chain
  • https://trace.mediago.io/cs/xandr?rdid=acc5ecb93eb001d3156a22c25e29ae99
  • https://ib.adnxs.com/setuid?entity=529&code=86d0265f255686f2b6858b82dd891b02
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=529&code=86d0265f255686f2b6858b82dd891b02
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
AN-X-Request-Uuid
8d9b0ab8-a097-4d77-bb66-d60e0a5b44ec
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/setuid?entity=529&code=86d0265f255686f2b6858b82dd891b02
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
content-type
text/html; charset=utf-8
it
nym1-ib.adnxs.com/ Frame F858 		0
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&e=wqT_3QLIFejICgAAAwDWAAUBCMyRvKIGEMX54Zbbp_OuWxgAKjYJ6kFBKVq5wz8R3-LhPQeWvT8ZAAAAIIVrIUAh3w0SACkRJNAxAAAAgOtR-D8w1eb0BTibNkC4aEiRBFD0jYSyAVj410BgAGi_41l45M8FgAEBigEDVVNEkgUG8JWYAQGgAQGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAu9E4ALY0TXqAk9odHRwczovL3NsYXRlLmNvbS90ZWNobm9sb2d5LzIwMjAvMTIvc29sYXJ3aW5kcy1oYWNrLW1hbHdhcmUtYWN0aXZlLWJyZWFjaC5odG1sgAMAiAMBkAMAmAMXoAMBqgOKEQrgEGh0dHABZfCwdHJhY2UubWVkaWFnby5pby9hcGkvbG9nL3dpbm5vdGljZT90bj1mZDJjNzhlNDU1MzNlZjI5ZGY4OGU3NWZiYzE2Mjc1YSZ3aW5sb3NzPTEmaWQ9YWNjNWVjYjkzZWIwMDFkMzE1NmEyMmMyNWUyOWFlOTkmc2VhdF9pZD0ke0FVQ1RJT05fU0VBVF9JRH0mY3VycmVuY3k9JHtBVUNUSU9OX0NVUlJFTkNZfSZiaWRfMjcADEJJRF8BNghhZF8yGAAAQQkXBZMMJmltcAEeaDY1ODM2NDM4OTUxNjI3NjQ0ODUmcHJpY2U9JBWH8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4MjkwMTE5NiZkcD1UZVRReFpsUEltcWliLV9LNHNLYUd6RlZWVGtzcklHLUVvWWxLWHJZVjZVJmRzcAF49EYIMjImdXJsPWJkUndrTGJoODhISkdKMWpZNTlad2dCaXRVaHJlOWdUZnNnUWRNNU01SmZIc3M5bzM3dUViU3NpRDdhZl9ncjg0VGFBYUw3Sy1JcDJZaHp5Y2IxSUpzcEJlcFVQaTBxcTU0ZjNueFNSRnlXOVI5eWFNMjZpN2M4T0Eyc1p5bGdNOHp3UlVQcVcxLVJSWXlCTzVLX0FmN2lveFhDNGtndGJtYXFNbHBsbm91QnpOdFpBVnAtc29pRkpZVGg3OUM5T3B0ZGF0NlBMZ1JHNXNFVUo2WENRcHZfUGpQakRvUzVDR3J4T2lpcGNRUVRaUWhzd0xJRml1QldZNzRaQUVjTlFDODY2dXUtSmF1a2dpM0NvRGxHaklPX1NpQnoyeEtKblNmWWZjQ3dKMkdGYlFxOGNibV83Mmpyd3JEVFNxWXFZYXRiRlphMHo0d0ctWEZXQzZGQ1hpd1I2MzdOMmIwcm9XR3haOHRDU0FvSVpZUmk1U3BaSFhuQm1IYkFlMVo5MGlZVWNKcGJLYWVPempMLTBHVFBES0N0MFk4cHZTMDdUUzh6d2JRTlg0a1VkdWh0Q1NoQ3p4R1FrSkxIWWZiR3owV2NYYVE2aWd4NzJfU1JPY1VBdFpIcEMxNHJwdkV6MEVHTjIya2t1cUFMdllCclpBbXJBdXRFcVJxLXpUeEJTVnRlMmR5eTBRZm85ckxLNWRxVWNOcThZc0kwN3ZTNExTUzIySHlaRVNyd1NfZzhENUgxTVNKN0hIS0Jmb0xnWXFhXzJYME1nYmJwclZvenVXUGdLeGRNZVBFUVc4UmpLbERndGotSWJkS1BUbzlJVFQzTzdDRXNrQVRNNUF1M2FfeTFHM01fblpkb3Y5UHlRcVVQaHNDVGMwRjN2VmwzZFk1NGZQYzFGcUtDaDlyalVCYmpWck5keXZoSEhlLVNjdU5ZamhqYy1pemVQYmxROTlVRE1zdU9XNV82RXdZVTFmQWlhOVE5X05jRFlGR25PcU1pWTBKbFdhMzVKTG1SeVNMSzVLM2tZOHpma0lsRjZQRnJGM2lxVHF5bHlka0dYRURoZ3l1RkxmY20zY2p1V1FNRnduM3dSeXRjbzBmRVZzTC1NY3BpX1ZkOXBTYlhVZjh3bGxxYzFWNmQ4dDFQNlN2LXdWd0lqUW5pbEdGd0YxQ2FCMFU1N1dXZ09PS3pQRkhsUTJFbGdoT0gxcTFNQmxNMHdNMzkweXdpY1UxVFNSWjdJV0pTQkhBb2E1dS1jMzY2cEE0NmI1Y1l3TjRaaWMwOWdJVFcybGNGb2V5eFBydDFrZVh2c0JpMEw0V19GdTZWV3ZXTllqd3RhWHpfeE5BVWJnSzNmcWx6bDkyZXRuWWF2aml5aGJFXzBiY05lcTlDYUpWRlJrcGpXVGRPMXQ5dkl4Y3c2UFNDQkhxa1N3VlQtYzVrbWVmbEtqQWVqdERMN0VoWnR3V0RMMVJoUTV0UTdKVnZaWlQyc0dCSjV3UE51M29qMEE5M210V0JqWlhkbDNWMDJrV1lTVmJrSE9SVl81d3NUTXFUSm5sTzRXQTBvZlJVUGM2b1ZvVmo4UGlJOWUxTkZicnM4NGtveURIYnd5bmhfT3pydks0UmFaYWVuM3dudVhHaHZJTjN1ME9ONlVSUHpxd0VhdlpLZ0lOWndjeWtRZVB0N2RXQ0hQVlpCUG5kWVkwMDM1OGxWNDlnb3l3enM1VUs1YTZsbGlpYjVVMGEzYmZQZUNaVmxrX09yX3hzenNoQlFpTldIeW1Tc2NmaXJVWHVzVU5QdWI1WDBLM3M1V1NtMmotQk5UREVVZ2JxOGlUQkZ5NWFQNUZSZGhXWnkwQTJVOS1zYURNMXZUYXVNM0NNSS1WeWwtUXloYkJmaDlQaG9pN3JaVU9kaFV3ckVzZWR4UFB0N2JyMGxDTzAxUEI1OEJ0bHdvRnhaQVBwRkhiYWxVUW54OUF6WkFXSjBNMGVuTVJ1VXlrbUVzbnhFejlybmZUZkcyTG1jOEJsWTB4cHg5QmpjMjU3XzNSTDNpcnhzZkpubEJyeEFxZTBPYUk2d1UzS25GaWY2QmxaZkp6dmxJSmxCcVpOdU5vNVJ5YmllQUl6dXZGaldLb1RTTGJKRFBZbXBfVTR2Q3MyY0NaSWVCc01pOFJldGJuTTIwM2xPMEV2WVhORXc5QnhoYk81YmxiNnIwb0xDTHZ1Vk9FYXM5Rk02T1UtOHVyNUNpNlFoTDZYQW9UTXZNclZkN19sbWZMVGRiNFBURmhnYm1YVVlaLUtva1BlLTlkVkRkQlVJak5IaCZzcD1sRlVTRHc5cExjOC1NNllhY25TLWc2Qi1WM3ZZLVhKVVlxM1JXZjdDYlRFGhM2NTgzNjQzODk1MTYyNzY0NDg1IgkzNzMzNjAzNzIqBTEzMzY4wAPgqAHIAwDYA9QZ4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg3qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEoa_xE8gEANoEAggB4AQB8AT0jYSyAYgFAZgFAKAFte6M49Dmr6QswAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFo48e-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_aBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYM8gYCCACABwGIBwCgB0G6BwgqBDEtLS1AAcgH5M8F0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AeRgAiKCAIQAJUIAACAP5gIAQ..&s=0836d74a87e16091ef1598bdda665a03ec74e6e2
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
AN-X-Request-Uuid
a5037e5d-5e1e-42ca-a5fe-a55129b03ac8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rd_log
nym1-ib.adnxs.com/ Frame F858 		0
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&e=wqT_3QK9BOg9AgAAAwDWAAUBCMyRvKIGEMX54Zbbp_OuWxgAKjYJ6kFBKVq5wz8R3-LhPQeWvT8ZAAAAIIVrIUAh3w0SACkRJNAxAAAAgOtR-D8w1eb0BTibNkC4aEiRBFD0jYSyAVj410BgAGi_41l45M8FgAEBigEDVVNEkgUG8PWYAQGgAQGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAu9E4ALY0TXqAk9odHRwczovL3NsYXRlLmNvbS90ZWNobm9sb2d5LzIwMjAvMTIvc29sYXJ3aW5kcy1oYWNrLW1hbHdhcmUtYWN0aXZlLWJyZWFjaC5odG1sgAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA9QZ4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg3qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEoa_xE8gEANoEAggB4AQB8AQlGFiIBQGYBQCgBbXujOPQ5q-kLMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFo48e-gUECAAQAJAGAZgGALgGAMEGASEgAADwP9oGFgoQCQ0ZAaAQABgA4AYM8gYCCACABwGIBwCgB0G6BwgqBDEtLS1AAcgH5M8F0gcNCREzATEI2gcGAWRwGADgBwDqBwIIAPAHkYAIiggCEACVCAAAgD-YCAE.&s=7cb487f9a057a8759e75733d6c2701c4d9f35231&bdref=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html,https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
AN-X-Request-Uuid
41e1e629-a0fe-4b5a-ae7c-bef5065dedb1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
social
us-trc-events.taboola.com/slatecom/log/3/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/slatecom/log/3/social?route=US:US:V&tvi2=9515&lti=deflated&ri=bbb524bca7c41ee8a97012bdf10e7fa4&sd=v2_49c8409ea71d2a4c0b754867f499a77a_66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b_1682901195_1682901195_CNawjgYQrZlcGK-56aX9MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB&ui=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&pi=/technology/2020/12/solarwinds-hack-malware-active-breach.html&wi=6218247875461064117&pt=text&vi=1682901195951&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22The%20SolarWinds%20Hack%20Is%20Unlike%20Anything%20We%20Have%20Ever%20Seen%20Before%22%2C%22sec%22%3A%22Future%20Tense%22%2C%22aut%22%3A%5B%22Josephine%20Wolff%22%5D%2C%22img%22%3A%22https%3A%2F%2Fcompote.slate.com%2Fimages%2Fa93af3db-1af0-47d9-9f09-527c8cf76c76.jpeg%3Fwidth%3D1200%26rect%3D4896x3264%26offset%3D32x0%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=00%3A33%3A17.283&id=2126&llvl=2&cv=20230430-1-RELEASE&
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
678d6873a4c497bb8f7af4657d5ee694.jpg
images.taboola.com/taboola/image/fetch/h_278,w_500,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_278,w_500,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/678d6873a4c497bb8f7af4657d5ee694.jpg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
285f1636a887d9d081ef020aff25389aa93e2906ba09e05257b19ed497b1abe6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_278,w_500,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/678d6873a4c497bb8f7af4657d5ee694.jpg
age
3050527
edge-cache-tag
327967477830396398855291108846696535105,544738160110515864185464879385605306982,29ecf9b93bbf306179626feeda1fab70
cache-tag
327967477830396398855291108846696535105,544738160110515864185464879385605306982,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
301
expiration
expiry-date="Sat, 15 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ca.soccerway.com/
content-length
11840
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100176-IAD, cache-iad-kjyo7100121-IAD, cache-lax10680-LGB, cache-iad-kiad7000129-IAD, cache-yul12827-YUL
last-modified
Wed, 15 Mar 2023 07:30:39 GMT
server
nginx
x-timer
S1682901197.474004,VS0,VE0
etag
"bcc5e4adf6064f41bf8563e1c5d6589e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 658, 2
89cd72fb30b538203bc2e6364bcdceb6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/89cd72fb30b538203bc2e6364bcdceb6.jpg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b65fc8cdeefc80c2ef2a7554342c397818c1733220868ee0fb702339f2348a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/89cd72fb30b538203bc2e6364bcdceb6.jpg
age
1434558
edge-cache-tag
459343472823861568306624406785037217057,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
cache-tag
459343472823861568306624406785037217057,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
78
req-referer
https://genialne.pl/
content-length
14770
x-request-id
b99329f18fd220247b841105a02de7c2
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100098-IAD, cache-iad-kcgs7200080-IAD, cache-lax10671-LGB, cache-iad-kiad7000146-IAD, cache-yul12827-YUL
last-modified
Wed, 05 Apr 2023 00:23:00 GMT
server
nginx
x-timer
S1682901197.475215,VS0,VE5
etag
"2705d3b9f4bb062ee6f708b5d9ad8efb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2201, 1
dc939df1d3b6e0d50476414a49f14262.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc939df1d3b6e0d50476414a49f14262.jpg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7201ffaf6b8cccb29d4471580f4847f2d92d1d0f93e38c9aa25db97f45b045e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc939df1d3b6e0d50476414a49f14262.jpg
age
1686526
edge-cache-tag
538275740718118270563692675679839456348,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
cache-tag
538275740718118270563692675679839456348,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
278
expiration
expiry-date="Mon, 17 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.marianne.net/
content-length
15384
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100078-IAD, cache-iad-kiad7000035-IAD, cache-lax10672-LGB, cache-iad-kcgs7200081-IAD, cache-yul12827-YUL
last-modified
Fri, 17 Mar 2023 09:25:42 GMT
server
nginx
x-timer
S1682901197.474519,VS0,VE0
etag
"8542a4ce4669690230331439c0a7013c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 347, 232
c7ecb563dc998c25399cc291bbdbf29b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7ecb563dc998c25399cc291bbdbf29b.jpg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ffdf38f399dcdb49abadf84acec2e27e025159b118b7b539c331031896886c97

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7ecb563dc998c25399cc291bbdbf29b.jpg
age
2749962
edge-cache-tag
293691565924917041146398351835423228291,331986262400328347995100485101832919431,29ecf9b93bbf306179626feeda1fab70
cache-tag
293691565924917041146398351835423228291,331986262400328347995100485101832919431,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
299
expiration
expiry-date="Tue, 11 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gulte.com/
content-length
78702
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100134-IAD, cache-iad-kjyo7100053-IAD, cache-lga21965-LGA, cache-iad-kcgs7200032-IAD, cache-yul12827-YUL
last-modified
Sat, 11 Mar 2023 10:07:14 GMT
server
nginx
x-timer
S1682901197.474724,VS0,VE6
etag
"77fa450f7f3c3ad7c822c33bfdecd64c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 23, 1
24d919b7ca7462dfd4cd2b84cca8aeb5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/24d919b7ca7462dfd4cd2b84cca8aeb5.png
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45f3c817c54ff5188b7b68a445fff441cef6f29d2b84993340b24449b225663e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/24d919b7ca7462dfd4cd2b84cca8aeb5.png
age
1675217
edge-cache-tag
330612440428955512230499749851257642608,331986262400328347995100485101832919431,29ecf9b93bbf306179626feeda1fab70
cache-tag
330612440428955512230499749851257642608,331986262400328347995100485101832919431,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
263
expiration
expiry-date="Sat, 22 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espn.com/
content-length
20230
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000089-IAD, cache-iad-kjyo7100171-IAD, cache-lga21955-LGA, cache-iad-kiad7000029-IAD, cache-yul12827-YUL
last-modified
Wed, 22 Mar 2023 15:51:57 GMT
server
nginx
x-timer
S1682901197.474168,VS0,VE2
etag
"a88001868a00e50b1086177b848f20f9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 2808, 1
a90899e84e5b40721594b8ba7517e0cd.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a90899e84e5b40721594b8ba7517e0cd.jpeg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
785d9bdda78657e72f1f088290ef28688dc0bdbec4e31afed39a047d0357197c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a90899e84e5b40721594b8ba7517e0cd.jpeg
age
1510249
edge-cache-tag
485668035201530982018547323808119286028,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
cache-tag
485668035201530982018547323808119286028,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
222
expiration
expiry-date="Mon, 17 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.iflscience.com/
content-length
26316
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200139-IAD, cache-iad-kiad7000088-IAD, cache-chi-kigq8000055-CHI, cache-iad-kcgs7200024-IAD, cache-yul12827-YUL
last-modified
Fri, 17 Mar 2023 15:29:16 GMT
server
nginx
x-timer
S1682901197.474087,VS0,VE0
etag
"cdfa0bb6027e67aea4f7a390b3b689a4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1231, 5
tap.php
pixel.rubiconproject.com/ Frame A42C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI6KXtbzroElaJ-3E5y6bs4&google_cver=1
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI6KXtbzroElaJ-3E5y6bs4&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI6KXtbzroElaJ-3E5y6bs4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame A42C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UshiIHk2TeS4RLWTZtHXbw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UshiIHk2TeS4RLWTZtHXbw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UshiIHk2TeS4RLWTZtHXbw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ET1FCA04NATZXK24KH4M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UshiIHk2TeS4RLWTZtHXbw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A42C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjY5OGI3YzRiNzJjOTA0NzVhODI2ZjkyNGI2MDE4MjVjZmI0Y2FmOQ&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjY5OGI3YzRiNzJjOTA0NzVhODI2ZjkyNGI2MDE4MjVjZmI0Y2FmOQ&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjY5OGI3YzRiNzJjOTA0NzVhODI2ZjkyNGI2MDE4MjVjZmI0Y2FmOQ&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A42C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg0M1g1RzktVy1DRjFJ&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC-HQMYRSW91O2Jnt9bZzX0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0M1g1RzktVy1DRjFJ&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0M1g1RzktVy1DRjFJ&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0M1g1RzktVy1DRjFJ&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A42C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame A42C 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YKW5JJ0C5X9A7C8928N6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A42C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/L7FzBEygjwblo_PUgcrf1Q?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CS4dv4BE2oJv61DW74wI55U9ZgbATYroDIWp1A--~A
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CS4dv4BE2oJv61DW74wI55U9ZgbATYroDIWp1A--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 01 May 2023 00:33:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CS4dv4BE2oJv61DW74wI55U9ZgbATYroDIWp1A--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame A42C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH43X5G9-W-CF1I&us_privacy=1---
0
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH43X5G9-W-CF1I&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 5C59D246E90D413B847D06E72A9F9284 Ref B: YMQ01EDGE0308 Ref C: 2023-05-01T00:33:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6lvgSu8Vmlf1iwCJbZg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH43X5G9-W-CF1I&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
918e21b2f2b20664c419fe9cc2f99c9f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/918e21b2f2b20664c419fe9cc2f99c9f.jpg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a09608786d4875002eda7ef4adebe803f615405a65d60e4a1e53b34fb83fe6f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/918e21b2f2b20664c419fe9cc2f99c9f.jpg
age
2112077
edge-cache-tag
484958305397995043988578833525874369178,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
cache-tag
484958305397995043988578833525874369178,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
140
req-referer
https://apnews.com/
content-length
22056
x-request-id
317bad6af686e8f660990bc6c2ad8009
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200109-IAD, cache-iad-kiad7000110-IAD, cache-lax10655-LGB, cache-iad-kiad7000063-IAD, cache-yul12827-YUL
last-modified
Thu, 06 Apr 2023 10:50:33 GMT
server
nginx
x-timer
S1682901197.493868,VS0,VE2
etag
"71dc24bb1bf83a8ac5f780e3882befab"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 114, 1
45404d274035fea748bcf04acf61fc1d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45404d274035fea748bcf04acf61fc1d.jpg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e2bfda219a19d909d47caf9641fc5cc6699a0a254a7042e2e8e6ea7d245911b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45404d274035fea748bcf04acf61fc1d.jpg
age
5249600
edge-cache-tag
354926777220179153198222090880455970129,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
cache-tag
354926777220179153198222090880455970129,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
176
expiration
expiry-date="Wed, 29 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.nbcboston.com/
content-length
27790
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000083-IAD, cache-iad-kcgs7200022-IAD, cache-lga21962-LGA, cache-iad-kcgs7200140-IAD, cache-yul12827-YUL
last-modified
Sun, 26 Feb 2023 00:11:45 GMT
server
nginx
x-timer
S1682901197.494413,VS0,VE0
etag
"755fe9f899e1b6f12eb601cadb011d38"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 3178, 3
d3ad08d12a2dd15563efcf731ff93f18.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d3ad08d12a2dd15563efcf731ff93f18.jpg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b2ec15bc4c6ba4cc7770d2ab4f63e73c5b906784717dfe2fdd6481ebff71abf3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d3ad08d12a2dd15563efcf731ff93f18.jpg
age
4092214
edge-cache-tag
520192637860433638584168636009155289581,331986262400328347995100485101832919431,29ecf9b93bbf306179626feeda1fab70
cache-tag
520192637860433638584168636009155289581,331986262400328347995100485101832919431,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
307
expiration
expiry-date="Sun, 26 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.today.com/
content-length
16802
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100093-IAD, cache-iad-kjyo7100139-IAD, cache-lga21948-LGA, cache-iad-kjyo7100050-IAD, cache-yul12827-YUL
last-modified
Thu, 23 Feb 2023 20:54:40 GMT
server
nginx
x-timer
S1682901197.494761,VS0,VE2
etag
"03d0b7ee4b7159706b79c973d51647dd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 8214, 1
04d6f35675a60387249ced8f848cce2e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/04d6f35675a60387249ced8f848cce2e.jpeg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
035cd0371913be44c2b6e952fbfec8463980d1af54d422177451e8955f9a9f4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
28
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_434%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/04d6f35675a60387249ced8f848cce2e.jpeg
age
3204796
edge-cache-tag
405823780767345939377312783006027561093,331986262400328347995100485101832919431,29ecf9b93bbf306179626feeda1fab70
cache-tag
405823780767345939377312783006027561093,331986262400328347995100485101832919431,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
256
req-referer
https://d-356804184874413798.ampproject.net/
content-length
20062
x-request-id
08b568231796b34cdf258490c8f942b5
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200126-IAD, cache-iad-kiad7000151-IAD, cache-chi-klot8100144-CHI, cache-iad-kiad7000110-IAD, cache-yul12827-YUL
last-modified
Sat, 04 Mar 2023 20:04:40 GMT
server
nginx
x-timer
S1682901197.494851,VS0,VE28
etag
"01ccc82f4f36b497dadc1c6d285c93d2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 154, 1
6b78e506bfca3c2c6f161b25b1088ccb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b78e506bfca3c2c6f161b25b1088ccb.jpg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a2b83fe5bc8004d7c5b3bd9cb718cdc6d7603ea53bafb9dce3afe4b0bb9a53ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b78e506bfca3c2c6f161b25b1088ccb.jpg
age
558690
edge-cache-tag
561804765884358267171970652329963968410,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag
561804765884358267171970652329963968410,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
136
req-referer
https://www.sacbee.com/
content-length
10516
x-request-id
7f5572fb98e860240265e44006be80a3
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000069-IAD, cache-iad-kjyo7100154-IAD, cache-chi-klot8100044-CHI, cache-iad-kcgs7200064-IAD, cache-yul12827-YUL
last-modified
Mon, 24 Apr 2023 07:40:40 GMT
server
nginx
x-timer
S1682901198.503208,VS0,VE3
etag
"24b4b1bfd40dc66ea21ed9a7aed099be"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 41, 1
b54d8e15044fc317010a543cdf1ad30e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b54d8e15044fc317010a543cdf1ad30e.png
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
14bf9434ca9e306b181db22c6529a3535ba586f04f3308c099138c3ccb241fba

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b54d8e15044fc317010a543cdf1ad30e.png
age
2717975
edge-cache-tag
485000189498832545209492000639481364186,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
cache-tag
485000189498832545209492000639481364186,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
83
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://eurasiantimes.com/
content-length
28526
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100138-IAD, cache-iad-kiad7000084-IAD, cache-lax10626-LGB, cache-iad-kjyo7100089-IAD, cache-yul12827-YUL
last-modified
Tue, 14 Mar 2023 07:14:33 GMT
server
nginx
x-timer
S1682901198.503126,VS0,VE1
etag
"bf316d6d45cc6594555551dcecc3ee2c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 727, 2
b7434899b99e94c7b3ca98898ef98164.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7434899b99e94c7b3ca98898ef98164.jpg
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ba08f4f31ee050189b7a5d8616864e25bac36c06ac5799550b79d96b569bf198

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7434899b99e94c7b3ca98898ef98164.jpg
age
3262092
edge-cache-tag
376788592290311407875357897686579894150,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
cache-tag
376788592290311407875357897686579894150,392173735509245572091693767611601833779,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
130
expiration
expiry-date="Sun, 26 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://slate.com/
content-length
13744
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200031-IAD, cache-iad-kjyo7100117-IAD, cache-chi-klot8100061-CHI, cache-iad-kcgs7200092-IAD, cache-yul12827-YUL
last-modified
Thu, 23 Feb 2023 13:01:37 GMT
server
nginx
x-timer
S1682901198.512697,VS0,VE0
etag
"14fb427440e09b8abb0245fd97e416cf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 12830, 2
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame C354 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 01 May 2023 00:33:17 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12824-YUL
x-timer
S1682901197.354118,VS0,VE14
Pug
image2.pubmatic.com/AdServer/ Frame 9B33
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033163313265937
42 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033163313265937
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 01 May 2023 00:33:17 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033163313265937
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
ecm3
s.amazon-adsystem.com/ Frame 4036 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0F1C5E77-729B-4F92-8E83-B7A886DE1C71
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
AT2V03XRMVV6WAJY9MAH
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FFF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dxxed3KbT5KOg7eoht4ccQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=32302
accept-ranges
bytes
content-length
5554
expires
Mon, 01 May 2023 09:31:39 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame FFF4
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0F1C5E77-729B-4F92-8E83-B7A886DE1C71
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0F1C5E77-729B-4F92-8E83-B7A886DE1C71
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a4b4a278-70a7-4dc9-98cf-67badbab2011%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&ttd_puid=a4b4a278-70a7-4dc9-98cf-67badbab2011%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&ttd_puid=a4b4a278-70a7-4dc9-98cf-67badbab2011%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2ceafc3a-8e26-4266-b01b-ef810856e5c7&ttd_puid=a4b4a278-70a7-4dc9-98cf-67badbab2011%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame FFF4 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame FFF4
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&vxii_pid=12&vxii_pid1=10067&vxii_rcid=58fbf93a-8c14-458c-b743-95a36aeb8f55
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&vxii_pid=12&vxii_pid1=10067&vxii_rcid=58fbf93a-8c14-458c-b743-95a36aeb8f55
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
3.229.9.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-9-249.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 01 May 2023 00:33:17 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&vxii_pid=12&vxii_pid1=10067&vxii_rcid=58fbf93a-8c14-458c-b743-95a36aeb8f55
date
Mon, 01 May 2023 00:33:17 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame FFF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEYxQzVFNzctNzI5Qi00RjkyLThFODMtQjdBODg2REUxQzcx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FFF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-OaefEMiYUAeucR9Fo7S0&google_cver=1
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-OaefEMiYUAeucR9Fo7S0&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-OaefEMiYUAeucR9Fo7S0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FFF4
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E221993AEBB24A2B8493EE00CA67D0D7
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E221993AEBB24A2B8493EE00CA67D0D7
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 01 May 2023 00:33:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E221993AEBB24A2B8493EE00CA67D0D7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 30 Apr 2023 00:33:17 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FFF4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
1 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_ox-db5_smrt_n-inmobi_n-sharethrough_n-onetag_pm-db5_rbd_ppt_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:33:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 01 May 2023 00:33:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
httpapi
api2.amplitude.com/2/ 		94 B
287 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-1.1.4-min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.93.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-93-196.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
48f86e0a0ffa401b8c24250b86ea9c5a8a159e92e1965d65da952245e8ca2ee8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:17 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-644f08cd-605da076152515443b4f8966
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.93.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-93-196.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://slate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Mon, 01 May 2023 00:33:17 GMT
strict-transport-security
max-age=15768000
truncated
/ Frame AE2C 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d029241e42d6aa494cfb6c41908f717c6106f63703691e1e4e491f2116eadef

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
jfy5yp77cohy74fsw5uk.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1675413952/ 		67 KB
67 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1675413952/jfy5yp77cohy74fsw5uk.mp4
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5af7f54e4682da1be1484f658f9b15a84537085a4081cef229704a6d8e4ceb71

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
JhpPlUz7nZ57ILPZKofZM6pneMKKR0I4
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish
x-amz-request-id
0QY3D37DE8NQ2K93
age
66
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-68339/68340
x-amz-replication-status
COMPLETED
Content-Length
68340
x-amz-id-2
rTj6DcrSdCKMK4ujxPQ5W+hpfiB2YLqEqkD4tgAhxhPruIhRcD0mpgPEjm7gDOWecMEby75zOzI=
x-served-by
cache-yul12827-YUL
last-modified
Fri, 03 Feb 2023 08:45:58 GMT
server
AmazonS3
x-timer
S1682901197.423593,VS0,VE4
etag
"12d66db772be5305a2eda235f0b44b99"
content-type
video/mp4;codecs=avc1
abp
44
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
hjsw4lzlkiert7w5si0o.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1673969046/ 		92 KB
92 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1673969046/hjsw4lzlkiert7w5si0o.mp4
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef5a01844a9c32cef5fc5fde48c93aad4a06b2d21a231dd85f5a371767ff052b

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
rnYA6IIikpBlVvLzbfQdhAF2fwkT4rGj
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish
x-amz-request-id
A7F8RB2SE71542NN
age
40
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-94034/94035
x-amz-replication-status
COMPLETED
Content-Length
94035
x-amz-id-2
Hz0IbyBmavd/rhQeSjvvQHGdums/UVl6SGnwyFmGCCpaBfa3CO3HwvoGaEnRrbQcwtk++iREImU=
x-served-by
cache-yul12827-YUL
last-modified
Tue, 17 Jan 2023 15:24:12 GMT
server
AmazonS3
x-timer
S1682901197.430133,VS0,VE10
etag
"9901956b8008e2ed3a6456dc67d190b6"
content-type
video/mp4;codecs=avc1
abp
44
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
m9cabqoqqmojcfjdrspf.mp4
cdn.taboola.com/libtrc/static/video/v1677157273/ 		201 KB
202 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1677157273/m9cabqoqqmojcfjdrspf.mp4
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b305ec62d4bd57719fa55c07efab0ac818094546e75a51828ad9e0998d191663

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
D2ddMbrdIb9zg.FfOhXk.X79JMWHavw_
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish
x-amz-request-id
W2NSVC6Z30BBN53N
age
93
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-206289/206290
x-amz-replication-status
COMPLETED
Content-Length
206290
x-amz-id-2
QrhckMhNbGRahQ7sgxAUqqu7TZzm/9fRYPs8Yx5rnE8mO0gWfgY3zXjYxnnprM4QPa7pooeSXUg=
x-served-by
cache-yul12827-YUL
last-modified
Thu, 23 Feb 2023 13:01:18 GMT
server
AmazonS3
x-timer
S1682901197.435608,VS0,VE1
etag
"572387225eed63a0b5fb7980e5c39d42"
content-type
video/mp4;codecs=avc1
abp
44
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 02 May 2023 00:33:17 GMT
data
api.cxense.com/public/widget/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22testgroup%22%3A%2266%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22LTs%22%2C%22value%22%3A%22notProfiled%22%7D%2C%7B%22key%22%3A%22LTc%22%2C%22value%22%3A%22notProfiled%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2266%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%7D%2C%22widgetId%22%3A%228e845f77d4af91b5755803d1115cf66e6bbf19aa%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22lh43x5i8b1qqhapo%22%7D%7D%2C%22prnd%22%3A%22lh43x5i8mec649df%22%7D&media=javascript&sid=1129570900026411565&widgetId=8e845f77d4af91b5755803d1115cf66e6bbf19aa&resizeToContentSize=true&useSecureUrls=true&usi=lh43x5i8b1qqhapo&rnd=1572744951&prnd=lh43x5i8mec649df&tzo=0&callback=cXJsonpCB2
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
5c3bd0fe5fc0cb00d30e889d4df5c7fca893089ef3181e9de7a044e7f0882bb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
3992
expires
Mon, 26 Jul 1997 05:00:00 GMT
b-8db6969-7692f01f.js
tagan.adlightning.com/slate/ 		69 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/slate/b-8db6969-7692f01f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ce23ce91aa21ae60b04b05e34f89f0156094711d57eac71902e02f772760c91

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:58:27 GMT
content-encoding
gzip
via
1.1 b364a698bd3b40fc657ca5500f6818ce.cloudfront.net (CloudFront)
x-amz-version-id
kSZKGs6hpOEamRAiWT1mNZB9J9TBJK_Y
x-amz-cf-pop
EWR53-C3
age
77691
x-cache
Hit from cloudfront
content-length
26569
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 21:57:55 GMT
server
AmazonS3
etag
"59843aa59eee185caed7dbe0e8502d4d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
legbUs97YtmJOqLiADCGFB_OByn0cuUNkk9atXneIaktzjjcepknCQ==
bl-e09f10f-1a35fe65.js
tagan.adlightning.com/slate/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/slate/bl-e09f10f-1a35fe65.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bab99608ee93416fa40acc0a63aef0d608d7be5e16ae1164696b74451e497cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:55:41 GMT
content-encoding
gzip
via
1.1 b364a698bd3b40fc657ca5500f6818ce.cloudfront.net (CloudFront)
x-amz-version-id
4sHeq9lsvhofNvU2.rF0CcYA3RKXqMdA
x-amz-cf-pop
EWR53-C3
age
77857
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
18077
x-amz-meta-git_commit
e09f10f
last-modified
Sun, 30 Apr 2023 02:55:11 GMT
server
AmazonS3
etag
"205777a15b3d18a6e43b71e1948dde2f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
P0wLfxGOcl7cvnNljX90b4NkdwRjKCXK7cVbni9vQ4Tr-d2yH1pPdQ==
rep.gif
comcluster.cxense.com/Repo/ Frame 3795 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.21&typ=pgv&rnd=lh43x5i8mec649df&sid=1129570900026411565&loc=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&new=1&arf=0&ltm=1682901196280&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lh43x5v64jz6eh8k&ckp=lh43x5i8b1qqhapo&glb=&cp_userState=anon&cst=3qn48g6rgpmwd11nb2x1s0a48t
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 01 May 2023 00:33:17 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
vevent
nym1-ib.adnxs.com/ Frame AE2C 		0
949 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&e=wqT_3QLGFejGCgAAAwDWAAUBCMuRvKIGEIHZxo2L-MDBDRgAKjYJgCctXFZhwz8RQLtDigESvT8ZAAAAIFyPH0AhQA0SACkRJNAxAAAAgBSu5z8w5-b0BTibNkC4aEiRBFDn-4OyAVj410BgAGi_41l4ldgDgAEBigEDVVNEkgUG8JWYAQGgAQGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAu9E4ALY0TXqAk9odHRwczovL3NsYXRlLmNvbS90ZWNobm9sb2d5LzIwMjAvMTIvc29sYXJ3aW5kcy1oYWNrLW1hbHdhcmUtYWN0aXZlLWJyZWFjaC5odG1sgAMAiAMBkAMAmAMXoAMBqgOIEQrfEGh0dHABZfCwdHJhY2UubWVkaWFnby5pby9hcGkvbG9nL3dpbm5vdGljZT90bj1mZDJjNzhlNDU1MzNlZjI5ZGY4OGU3NWZiYzE2Mjc1YSZ3aW5sb3NzPTEmaWQ9Y2JiNWI0ODBmNDk3NzYwYjJmYTgwZDQ1MTM3NTg0YTAmc2VhdF9pZD0ke0FVQ1RJT05fU0VBVF9JRH0mY3VycmVuY3k9JHtBVUNUSU9OX0NVUlJFTkNZfSZiaWRfMjcADEJJRF8BNghhZF8yGAAAQQkXBZMMJmltcAEeZDk3MzYyNjA3MDU5MTk3NDUyOSZwcmljZT0kFYbwT1BSSUNFfSZ0ZXN0PTAmdGltZT0xNjgyOTAxMTk1JmRwPThFRXJmSHdjYmoyY19vWnZjUWhSMzhGSVpRZ1RtNHZSdmdUWW0zQmJBZ3cmZHNwAXf0RQgyMiZ1cmw9TVhPUWxZZzVkRmhoZW1UOWhiLWVpTnBoZWFwLVh5V29ZTXN1NmpiQnlBTWMxUkI0aHRhOHlIQmp0SW1kYXNrODd4S3FjcG5nOUFfRFAteEdMQWV0SElibzRBQVpnZWFVeE5WYjgwSzVWSTkzcDM5d3pJWWc1UTlkS09RUHlldURUQTR3c0RWM1JBWENJbnZRaWpaSHowaEY5VlFZUWZEWEh6N09mWDBJNF9yQ0twRTBkMFJZakdPMlhzeVNYMGlTYUNvUDVJdFQxZXhNdk8teTRqdHVzWnA5LVBoZmNjMW5DcHM4TW9BYzl3VkVUcHR2eGg5dG5YSThhZy0tWWZxZ3FrYlJ4ajl5YjRyVE5iRlhIRDBFQnBtTkJ5R29CZ2ZDb2VCMjFMM0UzbHFKcFN2VFNtY2dPTmp4cEJuS05CZW1QcnRsR1phbnVnRWFUb0RGRnkya1hIWEhPc2lxNHo3enQwMHFxRWlUck1ydTRNWWhuMlYwdHhIQ3g2cjdmR2RoNlBta2R0eGVWaW9ucjQwMm82VmY4LUhJeVF4SGVZQVpmZzJYVFNHQ1JqTElCVkF6Ym4yaUdsZ3BxXzE3anAwaE1WZ1FwM2xOY2JkcS10cFU1VW93dXE2TFhtV0Zvc0VNR01qelpsbzczX1pqT3NpaEJITzN1TGV2TF84dnFfSFBOeTZ0R3NRbUxiR0ZYcm5CMExwdTB0RWZjejhKc3hlTksyMXlmamFhUklpeG4xaXVZeXZZU25KOEhIMS1lZU1MdTBLTzNiSlNPVmlicDA3ZUo4LWFZRFFLZ3Q0UVAzU0pUUHFNdjFkbWpPQU1tSWd2bVNqNW85aXhLY0tCVzNPMEJTR1Q2QmQ5YmZGWlhqN29KQWVzcllRbnZ0dnBHSEcxLXpLYXA5dmhTdURtOEpUNFhkcTZZSnlGdmtCZUtYSWtqQ0tYT3dCWkVBUF82YS1YZHI4TVI1WEhzNHJGbGN5cDJwVEt3OVh3VVRRcTRRNHdja3U0S19iQnJvdVVHaFZhTkRpd0N6R2tYdEh0cl9xN045NHFwaWZkV3NVOXloX2FfMzk4d253NHZTTFJ3aHFMcGF4U0RLbTQ4d21kcnYxS0xGd0FuRFVZbEtZU2FFQmVDdk4zQ1hMb28zRl9FSXJENG5TYVp3c1pHald1ZmQxN0V0QUowTmxXRjhrT0I1MjQ5T2pLb3NVZ3JGT2JwdWtHRHd2VmxVUVFsWjVXMjNjZ1U1NVhWSVVzZkJGODluRHhVanUxd0hnNlp0WDdVdzFSZGMtZ3ViV0dLWkJaU2tTc0xoaXRXc3czMjFrOUNSSkJYY0pHeEo4ekY0bTk1Y3JoTkUtdUQ0UzlVYjcxbnNDajhHMWNqZ1hSY25zVVRva0R6T1c3NFR6dUNtT3hIdEUtTy1OdjlCSXBMOUZNVEtaOVQtVlVmS1BHMlo3U1p0ZEFsbUE4cE1ITG1RUjZ1bC1LeW5lb2NRZE1pRVhjWkN5QmYtRTY3WDFyRjkyb3Z6UUJLVmUwbTBIT0pxbGxDSUR2WTFTZzJzWHpmRzFmdWRlUmVFbWRzWUg4b1VpZFVBTW1xOHBWRDNoUHFYVkhiSWJfNi1Ycm55b1VxWDhYWWd0bU1ZbldjYUFrSmpVbHJnSnhpM29QS1pXVnEtS1dZZUNucXY4RGUzR2p0LXJoYUwwaDNCbXRxY1J3WUhKZldYdkZsRy0zcEE5MUhGUllVdjlkNjBHNDB5WnpBQnhkNE5kazc3QmdGQUVSUjRueDBpczBxREZkRFFQS25UNmg2WV9rUEpqNmxQaGRiMDlWaU9Baml2QjVlOHA1T3hwNjkxaWcwXzdYYWxLdHJHVUwzNksxbTdsNkRGQ2cteGVucmdMbTB3NDlTdnhMM0diandtV3FFQzIzbk9kY0JsNmRJUl9oa3NWcGVpd2FNNFNVcEt4TmJ3Sjg2SGUxT3dvRVhPQ0NtWDRtcGw2azByc1d4ZjhjRWdWYnNRVTBSLXY1Y2pjQ3JiOGJHdEhRRjlvZlVoWDY3V2dGU0x6TGJqMU9ZaFhLMlhXYlJMQkN6VnNtSGhsN1JXMHMzR3dTcWZPSW01U0twMGt6NHpDS1QyVkZvRDdEdkhBekdyOVZNRGE3QXp6N0wzUFplQjRZLUZmREpUbGRVbFVjbGxNUTBwYkxPeFVjWEg5SWh0ZGdveW00N3FfR1NPSmVLcXprUTBjdEZpcFNwbWpaTG4wMGlyWW5ld2l5X05GZzhBNzZoNGZRcEI1V19DN2RfS3YyeU5Jank5Wlk5cGZhLW5PcmZvWS05R2VqJnNwPU9wcFFuV3NVb3lpVjduZnpSb2dSXzlTUEZNV2Z6TEkxNHBZajZMTzRCaGsaEjk3MzYyNjA3MDU5MTk3NDUyOSIJMzczMzU4MDU1KgUxMzM2OMAD4KgByAMA2APUGeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDkuNTYuMTUzLjE4N6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABKGv8RPIBADaBAIIAeAEAfAE5_uDsgGIBQGYBQCgBYCLwZPv6MzgScAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaWPHvoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGDPIGAggAgAcBiAcAoAdBugcIKgQxLS0tQAHIB5XYA9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHkYAIiggCEACVCAAAgD-YCAE.&s=b0dbb53fe7a13b3f70100a54d973e891f6a9c2a3&type=nv&nvt=5&jm=1003&px=1150&py=1445&bw=300&bh=200&sid=7444565871528178325&vd=ct~0|rr~0&sv=232&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=12399463&sw=1600&sh=1200&pw=1600&ph=8279&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
AN-X-Request-Uuid
3d5989a2-fdbd-4959-ac9b-98bc8b133d1c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame F858 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e1a28c18c7d39627b7b61e7511d3779580b17d616732d330017aed59fa5f783

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
Retina-Bold-subset.woff2
slate.com/fonts/slate-com/ Frame 3324 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slate.com/fonts/slate-com/Retina-Bold-subset.woff2
Requested by
Host: slate.com
URL: https://slate.com/css/slate.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
77f1049a76c92d1b45e0751002bf59f26635d00018946c64213a4c43a840bd1c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://slate.com/css/slate.css
Origin
https://buy.tinypass.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
46255951
x-cache
HIT
content-length
42296
x-served-by
cache-yul12829-YUL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
x-timer
S1682901198.588970,VS0,VE0
etag
"5fd128de-a538"
x-frame-options
sameorigin
vary
X-Set-GDPR-Consent, Cookie, X-Valid-Scroll-User, Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
10722
Retina-Book-subset.woff2
slate.com/fonts/slate-com/ Frame 3324 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://slate.com/fonts/slate-com/Retina-Book-subset.woff2
Requested by
Host: slate.com
URL: https://slate.com/css/slate.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dc123e1fdfe40c519213aed6431da35e0b5aa556e35dce4a4146417f02a335c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
X-Frame-Options sameorigin

Request headers

Referer
https://slate.com/css/slate.css
Origin
https://buy.tinypass.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish
content-security-policy
upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
age
29529475
x-cache
HIT
content-length
41548
x-served-by
cache-yul12829-YUL
last-modified
Wed, 09 Dec 2020 19:43:26 GMT
x-timer
S1682901198.588946,VS0,VE0
etag
"5fd128de-a24c"
x-frame-options
sameorigin
vary
Cookie, X-Set-GDPR-Consent, X-Valid-Scroll-User, Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
11039
usersync
usersync.gumgum.com/ Frame 2B23
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LH43X5G9-W-CF1I
  • https://usersync.gumgum.com/usersync?b=mag&i=LH43X5G9-W-CF1I
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LH43X5G9-W-CF1I
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LH43X5G9-W-CF1I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
id
id.cxense.com/public/user/ 		102 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lh43x5i8b1qqhapo%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%223qn48g6rgpmwd11nb2x1s0a48t%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%223qn48g6rgpmwd11nb2x1s0a48t%22%7D%5D%2C%22siteId%22%3A%221129570900026411565%22%2C%22location%22%3A%22https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html%22%7D&callback=cXJsonpCB3
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
c9ce37708ca22858db9fb348eaa4d1806b5df5add2506ec14739d4448c9daad5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
102
expires
Mon, 26 Jul 1997 05:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame F858 		0
949 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&e=wqT_3QLIFejICgAAAwDWAAUBCMyRvKIGEMX54Zbbp_OuWxgAKjYJ6kFBKVq5wz8R3-LhPQeWvT8ZAAAAIIVrIUAh3w0SACkRJNAxAAAAgOtR-D8w1eb0BTibNkC4aEiRBFD0jYSyAVj410BgAGi_41l45M8FgAEBigEDVVNEkgUG8JWYAQGgAQGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAu9E4ALY0TXqAk9odHRwczovL3NsYXRlLmNvbS90ZWNobm9sb2d5LzIwMjAvMTIvc29sYXJ3aW5kcy1oYWNrLW1hbHdhcmUtYWN0aXZlLWJyZWFjaC5odG1sgAMAiAMBkAMAmAMXoAMBqgOKEQrgEGh0dHABZfCwdHJhY2UubWVkaWFnby5pby9hcGkvbG9nL3dpbm5vdGljZT90bj1mZDJjNzhlNDU1MzNlZjI5ZGY4OGU3NWZiYzE2Mjc1YSZ3aW5sb3NzPTEmaWQ9YWNjNWVjYjkzZWIwMDFkMzE1NmEyMmMyNWUyOWFlOTkmc2VhdF9pZD0ke0FVQ1RJT05fU0VBVF9JRH0mY3VycmVuY3k9JHtBVUNUSU9OX0NVUlJFTkNZfSZiaWRfMjcADEJJRF8BNghhZF8yGAAAQQkXBZMMJmltcAEeaDY1ODM2NDM4OTUxNjI3NjQ0ODUmcHJpY2U9JBWH8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4MjkwMTE5NiZkcD1UZVRReFpsUEltcWliLV9LNHNLYUd6RlZWVGtzcklHLUVvWWxLWHJZVjZVJmRzcAF49EYIMjImdXJsPWJkUndrTGJoODhISkdKMWpZNTlad2dCaXRVaHJlOWdUZnNnUWRNNU01SmZIc3M5bzM3dUViU3NpRDdhZl9ncjg0VGFBYUw3Sy1JcDJZaHp5Y2IxSUpzcEJlcFVQaTBxcTU0ZjNueFNSRnlXOVI5eWFNMjZpN2M4T0Eyc1p5bGdNOHp3UlVQcVcxLVJSWXlCTzVLX0FmN2lveFhDNGtndGJtYXFNbHBsbm91QnpOdFpBVnAtc29pRkpZVGg3OUM5T3B0ZGF0NlBMZ1JHNXNFVUo2WENRcHZfUGpQakRvUzVDR3J4T2lpcGNRUVRaUWhzd0xJRml1QldZNzRaQUVjTlFDODY2dXUtSmF1a2dpM0NvRGxHaklPX1NpQnoyeEtKblNmWWZjQ3dKMkdGYlFxOGNibV83Mmpyd3JEVFNxWXFZYXRiRlphMHo0d0ctWEZXQzZGQ1hpd1I2MzdOMmIwcm9XR3haOHRDU0FvSVpZUmk1U3BaSFhuQm1IYkFlMVo5MGlZVWNKcGJLYWVPempMLTBHVFBES0N0MFk4cHZTMDdUUzh6d2JRTlg0a1VkdWh0Q1NoQ3p4R1FrSkxIWWZiR3owV2NYYVE2aWd4NzJfU1JPY1VBdFpIcEMxNHJwdkV6MEVHTjIya2t1cUFMdllCclpBbXJBdXRFcVJxLXpUeEJTVnRlMmR5eTBRZm85ckxLNWRxVWNOcThZc0kwN3ZTNExTUzIySHlaRVNyd1NfZzhENUgxTVNKN0hIS0Jmb0xnWXFhXzJYME1nYmJwclZvenVXUGdLeGRNZVBFUVc4UmpLbERndGotSWJkS1BUbzlJVFQzTzdDRXNrQVRNNUF1M2FfeTFHM01fblpkb3Y5UHlRcVVQaHNDVGMwRjN2VmwzZFk1NGZQYzFGcUtDaDlyalVCYmpWck5keXZoSEhlLVNjdU5ZamhqYy1pemVQYmxROTlVRE1zdU9XNV82RXdZVTFmQWlhOVE5X05jRFlGR25PcU1pWTBKbFdhMzVKTG1SeVNMSzVLM2tZOHpma0lsRjZQRnJGM2lxVHF5bHlka0dYRURoZ3l1RkxmY20zY2p1V1FNRnduM3dSeXRjbzBmRVZzTC1NY3BpX1ZkOXBTYlhVZjh3bGxxYzFWNmQ4dDFQNlN2LXdWd0lqUW5pbEdGd0YxQ2FCMFU1N1dXZ09PS3pQRkhsUTJFbGdoT0gxcTFNQmxNMHdNMzkweXdpY1UxVFNSWjdJV0pTQkhBb2E1dS1jMzY2cEE0NmI1Y1l3TjRaaWMwOWdJVFcybGNGb2V5eFBydDFrZVh2c0JpMEw0V19GdTZWV3ZXTllqd3RhWHpfeE5BVWJnSzNmcWx6bDkyZXRuWWF2aml5aGJFXzBiY05lcTlDYUpWRlJrcGpXVGRPMXQ5dkl4Y3c2UFNDQkhxa1N3VlQtYzVrbWVmbEtqQWVqdERMN0VoWnR3V0RMMVJoUTV0UTdKVnZaWlQyc0dCSjV3UE51M29qMEE5M210V0JqWlhkbDNWMDJrV1lTVmJrSE9SVl81d3NUTXFUSm5sTzRXQTBvZlJVUGM2b1ZvVmo4UGlJOWUxTkZicnM4NGtveURIYnd5bmhfT3pydks0UmFaYWVuM3dudVhHaHZJTjN1ME9ONlVSUHpxd0VhdlpLZ0lOWndjeWtRZVB0N2RXQ0hQVlpCUG5kWVkwMDM1OGxWNDlnb3l3enM1VUs1YTZsbGlpYjVVMGEzYmZQZUNaVmxrX09yX3hzenNoQlFpTldIeW1Tc2NmaXJVWHVzVU5QdWI1WDBLM3M1V1NtMmotQk5UREVVZ2JxOGlUQkZ5NWFQNUZSZGhXWnkwQTJVOS1zYURNMXZUYXVNM0NNSS1WeWwtUXloYkJmaDlQaG9pN3JaVU9kaFV3ckVzZWR4UFB0N2JyMGxDTzAxUEI1OEJ0bHdvRnhaQVBwRkhiYWxVUW54OUF6WkFXSjBNMGVuTVJ1VXlrbUVzbnhFejlybmZUZkcyTG1jOEJsWTB4cHg5QmpjMjU3XzNSTDNpcnhzZkpubEJyeEFxZTBPYUk2d1UzS25GaWY2QmxaZkp6dmxJSmxCcVpOdU5vNVJ5YmllQUl6dXZGaldLb1RTTGJKRFBZbXBfVTR2Q3MyY0NaSWVCc01pOFJldGJuTTIwM2xPMEV2WVhORXc5QnhoYk81YmxiNnIwb0xDTHZ1Vk9FYXM5Rk02T1UtOHVyNUNpNlFoTDZYQW9UTXZNclZkN19sbWZMVGRiNFBURmhnYm1YVVlaLUtva1BlLTlkVkRkQlVJak5IaCZzcD1sRlVTRHc5cExjOC1NNllhY25TLWc2Qi1WM3ZZLVhKVVlxM1JXZjdDYlRFGhM2NTgzNjQzODk1MTYyNzY0NDg1IgkzNzMzNjAzNzIqBTEzMzY4wAPgqAHIAwDYA9QZ4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg3qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEoa_xE8gEANoEAggB4AQB8AT0jYSyAYgFAZgFAKAFte6M49Dmr6QswAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFo48e-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_aBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYM8gYCCACABwGIBwCgB0G6BwgqBDEtLS1AAcgH5M8F0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AeRgAiKCAIQAJUIAACAP5gIAQ..&s=0836d74a87e16091ef1598bdda665a03ec74e6e2&type=nv&nvt=5&jm=1003&px=315&py=216&bw=970&bh=68&sid=7444565871528178325&vd=ct~0|rr~0&sv=232&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=12399445&sw=1600&sh=1200&pw=1600&ph=8279&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:17 GMT
AN-X-Request-Uuid
75e9ce21-2652-4112-930b-f4e1fad0ba2e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
logAutoMicroConversion
api-v3.tinypass.com/api/v3/conversion/ 		49 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?tracking_id=%7Bkpdx%7DAAAArg_ag_3zagoKaG9teXY1VXpwdRIQbGg0M3g1aThtZWM2NDlkZhoMRVg2Tkg4VUxHMUQ3IiUxODA3a3NnMGQ4LTAwMDAzMXVrbjlmOGJ0dXNjdjIxcHZlOHJnKiBzaG93UmVjb21tZW5kYXRpb25zREk3Rk1CQlgzM1lJOVISdi1rAPAfaTJzZ2ZsN2Q3WhQyNjA3OjUzMDA6NjA6Nzg2Nzo6N2IDZHdjaMy0waIGcAZ4GA&event_type=EXTERNAL_EVENT&event_group_id=init&custom_params=%7B%22source%22%3A%22CX%22%7D&browser_id=lh43x5i8b1qqhapo&callback=jsonp8579
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f215bb5b4c626392e4accf2dc23286ca110d204e226bdb7c954f90b411d96db9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c03eea5fb107150-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
50757f3368b361850fdd8a873dca7fb0
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame AE2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPyp7TJUPwOt9iF8md6NEco-LNn85zxcBsjAYFwvMtorXM1d4kkBowm09NC1V2WKEq0LIF4sY8buM6wDe93BCCrO_yzsPTdOQOcLgz8PUZnAG06TImIrYHWBr4wmcCSO3ei5uR0js1VaweL12QM_DF8WDtI0nQHQrL7CN1wrK89xs7DZXK-i2nDcAp2k1wPcNvL-p7WoE3OO3c3ZGgz3TUYhedzJCXhmEekuXCpWf8hkFNgxKdmoAv9fveUoKdhu_9an5RHoZjrfn-XunvvXYulvIqGZJ2jzmOdKmSOrUonchHYjzWmVymfUdsMyHVbVHa7PI8TLNzYFzthEQ3hnT1&sai=AMfl-YRtZ5Z_kkT-A8mCuVJc2Ymb96-XbfbPfR38g4AeROZ7iwqvE9gQrw33DaQn29xHbAVgHbPqb8bNksOLB2fBxlj3d-Da7gQ16ZkEftN-WLWMzpcpYiDaCkfnDcPzxy9VSDGdZ9ZLT9XbJF_Zr6I&sig=Cg0ArKJSzA_H7pvdZkExEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 May 2023 00:33:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F858 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCQ5u61X6lxUJfUsQP5AnPxejmRxyjqWdLsRbN-GxYFb-m-ciG7xkQr-fuqN0aGa2U_lOyyhGUJGJDvIZ6grcE8swxn1LI0JHn69j30z6Qdt1VwHimaHZHK2JzxisEU_qEdlVbak3Ew-9J4KfCDCFD43_jUwh2rI3ZQVUPZo4HsE5U27kofmJomxb4PCHwB6byr5eq6CPXpFMoBITAYDkP4zbt9zkxLR5VjmYmvGKNgYuqiLCi0lTHT5fs2iA4JoEMsXN1cgv-sOPKKYz-TXluOeTWEv-FHppp46ssd7WDp5-AFcsWA1-koLHvkqhZQFt9GzXUA5HcQHWXe1JGPyO0&sai=AMfl-YSEcBCofOL4CbhGF49QEGDxUgNTeJywHOjn7etkUjCCBQV4rHLkph4kBPGuy6LmdvitNaA-_w7X_AdBaGpeSNYd8TXOSICtm0uyluW6ySgaaYPvoNjU9AOn8zUenX_Oy5opbLfS6XTYroTrBvI&sig=Cg0ArKJSzGnGPSnVFGWwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 May 2023 00:33:17 GMT
jfy5yp77cohy74fsw5uk.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1675413952/ 		67 KB
67 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1675413952/jfy5yp77cohy74fsw5uk.mp4
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5af7f54e4682da1be1484f658f9b15a84537085a4081cef229704a6d8e4ceb71

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
JhpPlUz7nZ57ILPZKofZM6pneMKKR0I4
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish
x-amz-request-id
0QY3D37DE8NQ2K93
age
67
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-68339/68340
x-amz-replication-status
COMPLETED
Content-Length
68340
x-amz-id-2
rTj6DcrSdCKMK4ujxPQ5W+hpfiB2YLqEqkD4tgAhxhPruIhRcD0mpgPEjm7gDOWecMEby75zOzI=
x-served-by
cache-yul12827-YUL
last-modified
Fri, 03 Feb 2023 08:45:58 GMT
server
AmazonS3
x-timer
S1682901198.945933,VS0,VE2
etag
"12d66db772be5305a2eda235f0b44b99"
content-type
video/mp4;codecs=avc1
abp
44
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
hjsw4lzlkiert7w5si0o.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1673969046/ 		92 KB
92 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1673969046/hjsw4lzlkiert7w5si0o.mp4
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef5a01844a9c32cef5fc5fde48c93aad4a06b2d21a231dd85f5a371767ff052b

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
rnYA6IIikpBlVvLzbfQdhAF2fwkT4rGj
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish
x-amz-request-id
A7F8RB2SE71542NN
age
40
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-94034/94035
x-amz-replication-status
COMPLETED
Content-Length
94035
x-amz-id-2
Hz0IbyBmavd/rhQeSjvvQHGdums/UVl6SGnwyFmGCCpaBfa3CO3HwvoGaEnRrbQcwtk++iREImU=
x-served-by
cache-yul12827-YUL
last-modified
Tue, 17 Jan 2023 15:24:12 GMT
server
AmazonS3
x-timer
S1682901198.946351,VS0,VE2
etag
"9901956b8008e2ed3a6456dc67d190b6"
content-type
video/mp4;codecs=avc1
abp
44
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
m9cabqoqqmojcfjdrspf.mp4
cdn.taboola.com/libtrc/static/video/v1677157273/ 		201 KB
202 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1677157273/m9cabqoqqmojcfjdrspf.mp4
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b305ec62d4bd57719fa55c07efab0ac818094546e75a51828ad9e0998d191663

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
D2ddMbrdIb9zg.FfOhXk.X79JMWHavw_
date
Mon, 01 May 2023 00:33:17 GMT
via
1.1 varnish
x-amz-request-id
W2NSVC6Z30BBN53N
age
93
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-206289/206290
x-amz-replication-status
COMPLETED
Content-Length
206290
x-amz-id-2
QrhckMhNbGRahQ7sgxAUqqu7TZzm/9fRYPs8Yx5rnE8mO0gWfgY3zXjYxnnprM4QPa7pooeSXUg=
x-served-by
cache-yul12827-YUL
last-modified
Thu, 23 Feb 2023 13:01:18 GMT
server
AmazonS3
x-timer
S1682901198.946336,VS0,VE10
etag
"572387225eed63a0b5fb7980e5c39d42"
content-type
video/mp4;codecs=avc1
abp
44
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
st
imprnjmp.taboola.com/ Frame 2D71 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-ygCLAbcxoqhqbgJtxG4jRVDU3ETbisAAABgYID-AAnMdivjwjZyi1wLz1q0GTnWEpfDtdYYNxPfxjMYLlcWIyCB2W5lXNhGbpFr4VmLNiPHWuJyuNYa42bi23gGw-XKYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd6zdlhetk1frdf9PIY7X6z3-f8SwaTwV4x2Wv-Zofl97SbPG-hw-N1qx1m38Pycis8pqft5ZZYXg6P0S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA4DJBoHokANC--2my8th9gcAAAAAEAAAAAAkABCYq0sAxMzlnfj_________jzFAn3kj4_____-GQg-ABx8AD0IAAAAuhiQ4BaqaI20xEyGwKsIIAAAAQCVO5u6RSTpBxaLK__9_vxWAKwAAAYfUul0fWXQHJd7CAAAAEIxZoIfF7zc77Bq_22X-_________838n_lHI1RTP5xGeBLFXs0vIADAml9AAAA26gYA4E0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHlxjgaLFcO32JkWZg2holvNRrOdjPTcrnw7Rbek1bDJjDSWlvUJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVkgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYzNJp7NbrdbqwYbi1s0Ma3cwt1g5taNXKPdYjIYGYe7tej1MV1Mw-HKNPEiwYCovUieFulEYrG4JqOJx-HbmBYrl3Hh3A0Wk4nJ5hisfDOHaSKWaE4W6UR22ZeWG-NosFw5fIuRZWHaGCa-1Wg4281My-XCt1v4a7OJZ7Pb7daqwcbiFk1MK7dwN5i5dSPXaLeYDEbG4W4ten1MF9NwuDJN_I3ZcLIcLBbL1b4xG06Wg8Viudp36Azf1edsVK5lj4_LVs0Wxuaaw6BwGSzeleq00hYkB232KnK6NDNlUWf0-_1-v9_v9_v9foPWczAbFL7v0DocR64fZ3bxPYgNCkUsEVykE83ZYXp5_G6LWKI0XaQTvejlMdr9Zr_P-ZcMJoO9YrLX_M0Oy-9pN3neQofH61Y7zL6H5eVWeExP28stsbwcHqNdaHqbLWKJ4HSRTkQv4-mi_iOHGC3nqtlcsdrMFcPdKgEAAAAAAAAAWIJJppsAAAAAOBnUbrabrNbpYCajwXCyWi6AC4ZWXT_hZlNgrILbxRp7DGHODtPL43dbGcAFwyqzzT4jiLVaLWsAAAAC2AAAAAK46cabQHQo7v___38cAAAAGTn0AAAA6PcBScUduVLohfMriMFwtdo_ABVirVar2421Wi0!&cmcv=&pix=undefined&cb=1682901197942&uv=3270&tms=1682901197942&abt=id5mc_vA!nonrv_vA!tbt_lite_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=067e8a6d-d5a3-43d1-bea5-c83b7c3089eb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
df2e70be4a8ed0fbd4fe130176c4f5348cdb30badc76e904a0748639f59966c9

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 01 May 2023 00:33:18 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12827-YUL
x-timer
S1682901198.055696,VS0,VE12
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-ygCLAbcxoqhqbgJtxG4jRVDU3ETbisAAABgYID-AAnMdivjwjZyi1wLz1q0GTnWEpfDtdYYNxPfxjMYLlcWIyCB2W5lXNhGbpFr4VmLNiPHWuJyuNYa42bi23gGw-XKYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd6zdlhetk1frdf9PIY7X6z3-f8SwaTwV4x2Wv-Zofl97SbPG-hw-N1qx1m38Pycis8pqft5ZZYXg6P0S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA4DJBoHokANC--2my8th9gcAAAAAEAAAAAAkABCYq0sAxMzlnfj_________jzFAn3kj4_____-GQg-ABx8AD0IAAAAuhiQ4BaqaI20xEyGwKsIIAAAAQCVO5u6RSTpBxaLK__9_vxWAKwAAAYfUul0fWXQHJd7CAAAAEIxZoIfF7zc77Bq_22X-_________838n_lHI1RTP5xGeBLFXs0vIADAml9AAAA26gYA4E0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHlxjgaLFcO32JkWZg2holvNRrOdjPTcrnw7Rbek1bDJjDSWlvUJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVkgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYzNJp7NbrdbqwYbi1s0Ma3cwt1g5taNXKPdYjIYGYe7tej1MV1Mw-HKNPEiwYCovUieFulEYrG4JqOJx-HbmBYrl3Hh3A0Wk4nJ5hisfDOHaSKWaE4W6UR22ZeWG-NosFw5fIuRZWHaGCa-1Wg4281My-XCt1v4a7OJZ7Pb7daqwcbiFk1MK7dwN5i5dSPXaLeYDEbG4W4ten1MF9NwuDJN_I3ZcLIcLBbL1b4xG06Wg8Viudp36Azf1edsVK5lj4_LVs0Wxuaaw6BwGSzeleq00hYkB232KnK6NDNlUWf0-_1-v9_v9_v9foPWczAbFL7v0DocR64fZ3bxPYgNCkUsEVykE83ZYXp5_G6LWKI0XaQTvejlMdr9Zr_P-ZcMJoO9YrLX_M0Oy-9pN3neQofH61Y7zL6H5eVWeExP28stsbwcHqNdaHqbLWKJ4HSRTkQv4-mi_iOHGC3nqtlcsdrMFcPdKgEAAAAAAAAAWIJJppsAAAAAOBnUbrabrNbpYCajwXCyWi6AC4ZWXT_hZlNgrILbxRp7DGHODtPL43dbGcAFwyqzzT4jiLVaLWsAAAAC2AAAAAK46cabQHQo7v___38cAAAAGTn0AAAA6PcBScUduVLohfMriMFwtdo_ABVirVar2421Wi0!&cmcv=&pix=31589837&cb=1682901197942&uv=3270&tms=1682901197942&abt=id5mc_vA!nonrv_vA!tbt_lite_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1682901195044.6!ts:1682901197942&mntl=1
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
content-length
0
server
nginx
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 02 May 2023 00:33:18 GMT
sync
us-match.taboola.com/ Frame 8C26 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V8-ygCLAbcxoqhqbgJtxG4jRVDU3ETbisAAABgYID-AAnMdivjwjZyi1wLz1q0GTnWEpfDtdYYNxPfxjMYLlcWIyCB2W5lXNhGbpFr4VmLNiPHWuJyuNYa42bi23gGw-XKYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd6zdlhetk1frdf9PIY7X6z3-f8SwaTwV4x2Wv-Zofl97SbPG-hw-N1qx1m38Pycis8pqft5ZZYXg6P0S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA4DJBoHokANC--2my8th9gcAAAAAEAAAAAAkABCYq0sAxMzlnfj_________jzFAn3kj4_____-GQg-ABx8AD0IAAAAuhiQ4BaqaI20xEyGwKsIIAAAAQCVO5u6RSTpBxaLK__9_vxWAKwAAAYfUul0fWXQHJd7CAAAAEIxZoIfF7zc77Bq_22X-_________838n_lHI1RTP5xGeBLFXs0vIADAml9AAAA26gYA4E0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHlxjgaLFcO32JkWZg2holvNRrOdjPTcrnw7Rbek1bDJjDSWlvUJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVkgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYzNJp7NbrdbqwYbi1s0Ma3cwt1g5taNXKPdYjIYGYe7tej1MV1Mw-HKNPEiwYCovUieFulEYrG4JqOJx-HbmBYrl3Hh3A0Wk4nJ5hisfDOHaSKWaE4W6UR22ZeWG-NosFw5fIuRZWHaGCa-1Wg4281My-XCt1v4a7OJZ7Pb7daqwcbiFk1MK7dwN5i5dSPXaLeYDEbG4W4ten1MF9NwuDJN_I3ZcLIcLBbL1b4xG06Wg8Viudp36Azf1edsVK5lj4_LVs0Wxuaaw6BwGSzeleq00hYkB232KnK6NDNlUWf0-_1-v9_v9_v9foPWczAbFL7v0DocR64fZ3bxPYgNCkUsEVykE83ZYXp5_G6LWKI0XaQTvejlMdr9Zr_P-ZcMJoO9YrLX_M0Oy-9pN3neQofH61Y7zL6H5eVWeExP28stsbwcHqNdaHqbLWKJ4HSRTkQv4-mi_iOHGC3nqtlcsdrMFcPdKgEAAAAAAAAAWIJJppsAAAAAOBnUbrabrNbpYCajwXCyWi6AC4ZWXT_hZlNgrILbxRp7DGHODtPL43dbGcAFwyqzzT4jiLVaLWsAAAAC2AAAAAK46cabQHQo7v___38cAAAAGTn0AAAA6PcBScUduVLohfMriMFwtdo_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
fe892d168d8119035fc0fc6ec5a75445a53f95a7465bbe5cf65648a8c04c1d25

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 01 May 2023 00:33:18 GMT
machineid
3109
server
nginx
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
906b2a7baed50703db09de97bff4b6a0afda8a6b293c886f1385c0dc93073a16

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
VideoBidRequestHandlerServlet
wf.taboola.com/ 		12 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1682901198073&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1514&pt=1265692846&tz=0&viewable=true&ddast=V8-ygCLAbcxoqhqbgJtxG4jRVDU3ETbisAAABgYID-AAnMdivjwjZyi1wLz1q0GTnWEpfDtdYYNxPfxjMYLlcWIyCB2W5lXNhGbpFr4VmLNiPHWuJyuNYa42bi23gGw-XKYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd6zdlhetk1frdf9PIY7X6z3-f8SwaTwV4x2Wv-Zofl97SbPG-hw-N1qx1m38Pycis8pqft5ZZYXg6P0S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA4DJBoHokANC--2my8th9gcAAAAAEAAAAAAkABCYq0sAxMzlnfj_________jzFAn3kj4_____-GQg-ABx8AD0IAAAAuhiQ4BaqaI20xEyGwKsIIAAAAQCVO5u6RSTpBxaLK__9_vxWAKwAAAYfUul0fWXQHJd7CAAAAEIxZoIfF7zc77Bq_22X-_________838n_lHI1RTP5xGeBLFXs0vIADAml9AAAA26gYA4E0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHlxjgaLFcO32JkWZg2holvNRrOdjPTcrnw7Rbek1bDJjDSWlvUJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVkgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYzNJp7NbrdbqwYbi1s0Ma3cwt1g5taNXKPdYjIYGYe7tej1MV1Mw-HKNPEiwYCovUieFulEYrG4JqOJx-HbmBYrl3Hh3A0Wk4nJ5hisfDOHaSKWaE4W6UR22ZeWG-NosFw5fIuRZWHaGCa-1Wg4281My-XCt1v4a7OJZ7Pb7daqwcbiFk1MK7dwN5i5dSPXaLeYDEbG4W4ten1MF9NwuDJN_I3ZcLIcLBbL1b4xG06Wg8Viudp36Azf1edsVK5lj4_LVs0Wxuaaw6BwGSzeleq00hYkB232KnK6NDNlUWf0-_1-v9_v9_v9foPWczAbFL7v0DocR64fZ3bxPYgNCkUsEVykE83ZYXp5_G6LWKI0XaQTvejlMdr9Zr_P-ZcMJoO9YrLX_M0Oy-9pN3neQofH61Y7zL6H5eVWeExP28stsbwcHqNdaHqbLWKJ4HSRTkQv4-mi_iOHGC3nqtlcsdrMFcPdKgEAAAAAAAAAWIJJppsAAAAAOBnUbrabrNbpYCajwXCyWi6AC4ZWXT_hZlNgrILbxRp7DGHODtPL43dbGcAFwyqzzT4jiLVaLWsAAAAC2AAAAAK46cabQHQo7v___38cAAAAGTn0AAAA6PcBScUduVLohfMriMFwtdo_ABVirVar2421Wi0!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3240825&dpubid=576725&abtst=id5mc_vA!nonrv_vA!tbt_lite_unit!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fslate.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/132128.328.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d606342f6fde4b71c5303165421e526b9b1b88d81db29a24d5837beb1fdfa4ae

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 01 May 2023 00:33:18 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1110
x-cache
MISS
x-served-by
cache-yul12827-YUL
pragma
no-cache
server
nginx
x-timer
S1682901198.094362,VS0,VE456
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://slate.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://taboola-d.openx.net>; rel=preconnect,<https://gklfs-x8k98.ads.tremorhub.com>; rel=preconnect,<https://ads.stickyadstv.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
segment
api.permutive.com/adv/v2/ 		30 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
content-type
application/json
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304260101/pubads_impl.js?cb=31074189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5006496f82b6cf11d09953c6ffdf70c3445826708454d034989d15ebb464038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11057
x-xss-protection
0
syncframe
gum.criteo.com/ Frame D7C3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=slate.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:33:17 GMT
server
Kestrel
server-processing-duration-in-ticks
502071
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
13468
check.analytics.rlcdn.com/check/ 		25 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13468
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-12.jfk50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-amzn-trace-id
Root=1-644f08ce-6fa5a4581d5781931e853795
x-amzn-requestid
b02afcd4-1a29-4682-a3bb-8768aedcd17f
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
EN5QREvIjoEFrlQ=
content-length
25
x-amz-cf-id
_g6Ttgh58i20JpCYlL6rJHbdpZmWe681veATGZoQ2d2BZPs1T-FoLw==
audiences
api.permutive.com/audience-matching/v1/id/0fbc5f50-41d4-4212-87b7-0d26e0d452d3/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/0fbc5f50-41d4-4212-87b7-0d26e0d452d3/audiences?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
sid
mug.criteo.com/ Frame D7C3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=slate.com&sn=ChromeSyncframe&so=0&topUrl=slate.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=3eT4WnxYN2RzRkRVa29vQVhQRlFwdjJtMXlkdHpaK3ZJUE1saXNZb2p4UGd3M21udHVTWkZ4R0tmVEYwU01GR3MySkdCbHA3bHVWNjcrYUIwampJcklXb3BWZnFRaFMwV05UU2JsbXRtY3Z0UzRGK2Qxdm5rTTN5TFVYUj...
428 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3eT4WnxYN2RzRkRVa29vQVhQRlFwdjJtMXlkdHpaK3ZJUE1saXNZb2p4UGd3M21udHVTWkZ4R0tmVEYwU01GR3MySkdCbHA3bHVWNjcrYUIwampJcklXb3BWZnFRaFMwV05UU2JsbXRtY3Z0UzRGK2Qxdm5rTTN5TFVYUjVYUDFHQ2hSMmhWME5WWE5YY3RaRFFBY1A4ZnJCclF0Nkd2RTYvbGJnamZNKzdLQzF4bExEYmkrOWFoU1BWcXlVU05xQVg1TElKNno3clEwQVpEYnVqUmZMZHlITlBGTkU2aHB6Q0t2b1owQmt2UjQ5dXZ0UDJRNTJ5MFpDeFhhMTM0QVZseTFaUXU5QUtTN2QveXVaa2UxNUpsYndBdz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7518cb7b94074613fa6602aa9be438d19a43ca54b16955cd315f6c4e8c11e60b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
6047281
expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=3eT4WnxYN2RzRkRVa29vQVhQRlFwdjJtMXlkdHpaK3ZJUE1saXNZb2p4UGd3M21udHVTWkZ4R0tmVEYwU01GR3MySkdCbHA3bHVWNjcrYUIwampJcklXb3BWZnFRaFMwV05UU2JsbXRtY3Z0UzRGK2Qxdm5rTTN5TFVYUjVYUDFHQ2hSMmhWME5WWE5YY3RaRFFBY1A4ZnJCclF0Nkd2RTYvbGJnamZNKzdLQzF4bExEYmkrOWFoU1BWcXlVU05xQVg1TElKNno3clEwQVpEYnVqUmZMZHlITlBGTkU2aHB6Q0t2b1owQmt2UjQ5dXZ0UDJRNTJ5MFpDeFhhMTM0QVZseTFaUXU5QUtTN2QveXVaa2UxNUpsYndBdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
632167
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 May 2023 00:33:18 GMT
13468
check.analytics.rlcdn.com/check/ 		25 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13468
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-12.jfk50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-amzn-trace-id
Root=1-644f08ce-6c17be5d2bdd3f3d2994aeec
x-amzn-requestid
b17e09a2-635f-4063-93a0-7a3b57392259
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
EN5QTHTVjoEFltg=
content-length
25
x-amz-cf-id
GbUZjFpyudtvdp_hCtNz6HGxXjt9wYDDz_c3P8w1v6i96z-yxK4mQQ==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 568B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
102853
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 19:59:05 GMT
expires
Sun, 28 Apr 2024 19:59:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E206 		783 B
952 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4e2741534f1251ac4dc08239c115a3db3bb642af989433283458eecce58833b9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MwNorCboYUVDfVig6EYR_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-MwNorCboYUVDfVig6EYR_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:33:18 GMT
expires
Mon, 01 May 2023 00:33:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bulk
trc.taboola.com/slatecom/log/3/ 		0
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/slatecom/log/3/bulk?tvi2=9515&route=US%3AUS%3AV&lti=deflated&bulkSize=5
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230430-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 varnish
x-served-by
cache-yul12827-YUL
server
nginx
x-timer
S1682901198.308109,VS0,VE12
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://slate.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame 568B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
361486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:08:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E206 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304260101&jk=1435026483694479&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
segment
api.permutive.com/clm/v1/ 		65 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e6ea7385c5e0f6b39167f61372c7c480d5467d0a5befbc3f88e04f8aa3e3a783

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
content-type
application/json
segment
api.permutive.com/clm/v1/ 		65 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e6ea7385c5e0f6b39167f61372c7c480d5467d0a5befbc3f88e04f8aa3e3a783

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
content-type
application/json
generate_204
tpc.googlesyndication.com/ Frame 568B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Ri7ySg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/32_7_0/infra/ 		899 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_7_0/infra/cmTagFEED_MANAGER.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
203316af71b5e6266f6b921ce23ebf03baa8bcb293645da6b9c78718d6c6def7

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Origin
https://slate.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-mtime
1682327252
date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
MCEYM9EDJZVRQPFA
age
573796
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1682327253
x-amz-meta-mode
33188
content-length
150749
x-amz-id-2
D6VFUUHrSkpUjDmW8eLQm5x+evGaXCAZm/5fxMh0jMMKHJ6jCR3aU69jwfKeN+dOXx1MvO3QeKM=
x-served-by
cache-yul12825-YUL
last-modified
Mon, 24 Apr 2023 09:07:34 GMT
server
AmazonS3-br
x-timer
S1682901199.606616,VS0,VE0
etag
"67ba61c1bb660235d1f24f85a1e08a06"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
401492
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_7_0/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_7_0/assets/css/cmOsUnit.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-mtime
1682327271
date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
MCES7DQ7MW10GNZJ
age
573796
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1682327271
x-amz-meta-mode
33188
content-length
7877
x-amz-id-2
XGUsJdYY8klTxR0CVa0ShngfxM1xnuseAU/ldhonbZyCxmu4JOiVT3YBbvhr4x5+CbuIQXlh2Dc=
x-served-by
cache-yul12827-YUL
last-modified
Mon, 24 Apr 2023 09:07:52 GMT
server
AmazonS3-br
x-timer
S1682901199.570722,VS0,VE0
etag
"92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
450063
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 varnish
x-amz-request-id
JFXX7NJ7M2FJYZ6M
age
117
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
VNuE79zGkuG1WkYkook/LzjO6m8khshs44k88xUnWQ3oapFOdrvCIvii4035AZYl3g9EnhgUwco=
x-served-by
cache-yul12827-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1682901199.658224,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
44
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
63
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 ea419f8269940bd7231c70acd36c430c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
YUL62-C2
age
1249569
x-cache
Miss from cloudfront, HIT
content-length
4839
x-served-by
cache-yul12827-YUL
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1682901199.766527,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
nTlDpxKpU2oxXr-KCReR8JyTuXzflXBN5UonolXBh1V4BXDCzI1W5w==
x-cache-hits
294797
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/ 		442 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
412930d5c0e70458a49866b0d7621325c81aa80e8674d25520c656f908268ff7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-mtime
1682154062
date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
ZSPWC1QV9FHZSKPN
age
747084
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1682154074
x-amz-meta-mode
33188
content-length
85672
x-amz-id-2
0pwUmxywxQ95kakTDOGJF747rZujHnuOk7tNbyld8WkYt5FqdA7DrphVeVm3yqUJbynGhjCDX5I=
x-served-by
cache-yul12827-YUL
last-modified
Sat, 22 Apr 2023 09:01:15 GMT
server
AmazonS3-br
x-timer
S1682901199.794747,VS0,VE0
etag
"9b2a5bec79742c442d1e12f994fa0c81"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
618192
sync
us-match.taboola.com/ Frame F15F 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V8-ygCLAbcxoqhqbgJtxG4jRVDU3ETbisAAABgYID-AAnMdivjwjZyi1wLz1q0GTnWEpfDtdYYNxPfxjMYLlcWIyCB2W5lXNhGbpFr4VmLNiPHWuJyuNYa42bi23gGw-XKYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd6zdlhetk1frdf9PIY7X6z3-f8SwaTwV4x2Wv-Zofl97SbPG-hw-N1qx1m38Pycis8pqft5ZZYXg6P0S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA4DJBoHokANC--2my8th9gcAAAAAEAAAAAAkABCYq0sAxMzlnfj_________jzFAn3kj4_____-GQg-ABx8AD0IAAAAuhiQ4BaqaI20xEyGwKsIIAAAAQCVO5u6RSTpBxaLK__9_vxWAKwAAAYfUul0fWXQHJd7CAAAAEIxZoIfF7zc77Bq_22X-_________838n_lHI1RTP5xGeBLFXs0vIADAml9AAAA26gYA4E0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHlxjgaLFcO32JkWZg2holvNRrOdjPTcrnw7Rbek1bDJjDSWlvUJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVkgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYzNJp7NbrdbqwYbi1s0Ma3cwt1g5taNXKPdYjIYGYe7tej1MV1Mw-HKNPEiwYCovUieFulEYrG4JqOJx-HbmBYrl3Hh3A0Wk4nJ5hisfDOHaSKWaE4W6UR22ZeWG-NosFw5fIuRZWHaGCa-1Wg4281My-XCt1v4a7OJZ7Pb7daqwcbiFk1MK7dwN5i5dSPXaLeYDEbG4W4ten1MF9NwuDJN_I3ZcLIcLBbL1b4xG06Wg8Viudp36Azf1edsVK5lj4_LVs0Wxuaaw6BwGSzeleq00hYkB232KnK6NDNlUWf0-_1-v9_v9_v9foPWczAbFL7v0DocR64fZ3bxPYgNCkUsEVykE83ZYXp5_G6LWKI0XaQTvejlMdr9Zr_P-ZcMJoO9YrLX_M0Oy-9pN3neQofH61Y7zL6H5eVWeExP28stsbwcHqNdaHqbLWKJ4HSRTkQv4-mi_iOHGC3nqtlcsdrMFcPdKgEAAAAAAAAAWIJJppsAAAAAOBnUbrabrNbpYCajwXCyWi6AC4ZWXT_hZlNgrILbxRp7DGHODtPL43dbGcAFwyqzzT4jiLVaLWsAAAAC2AAAAAK46cabQHQo7v___38cAAAAGTn0AAAA6PcBScUduVLohfMriMFwtdo_ABVirVar2421Wi0!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/slate/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c4276ce0d77fa79310e9b0bead88d8065c5ea2905ac6151d7b0ee11d31a7fe1c

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 01 May 2023 00:33:18 GMT
machineid
3108
server
nginx
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-ygCLAbcxoqhqbgJtxG4jRVDU3ETbisAAABgYID-AAnMdivjwjZyi1wLz1q0GTnWEpfDtdYYNxPfxjMYLlcWIyCB2W5lXNhGbpFr4VmLNiPHWuJyuNYa42bi23gGw-XKYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd6zdlhetk1frdf9PIY7X6z3-f8SwaTwV4x2Wv-Zofl97SbPG-hw-N1qx1m38Pycis8pqft5ZZYXg6P0S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA4DJBoHokANC--2my8th9gcAAAAAEAAAAAAkABCYq0sAxMzlnfj_________jzFAn3kj4_____-GQg-ABx8AD0IAAAAuhiQ4BaqaI20xEyGwKsIIAAAAQCVO5u6RSTpBxaLK__9_vxWAKwAAAYfUul0fWXQHJd7CAAAAEIxZoIfF7zc77Bq_22X-_________838n_lHI1RTP5xGeBLFXs0vIADAml9AAAA26gYA4E0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHlxjgaLFcO32JkWZg2holvNRrOdjPTcrnw7Rbek1bDJjDSWlvUJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVkgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYzNJp7NbrdbqwYbi1s0Ma3cwt1g5taNXKPdYjIYGYe7tej1MV1Mw-HKNPEiwYCovUieFulEYrG4JqOJx-HbmBYrl3Hh3A0Wk4nJ5hisfDOHaSKWaE4W6UR22ZeWG-NosFw5fIuRZWHaGCa-1Wg4281My-XCt1v4a7OJZ7Pb7daqwcbiFk1MK7dwN5i5dSPXaLeYDEbG4W4ten1MF9NwuDJN_I3ZcLIcLBbL1b4xG06Wg8Viudp36Azf1edsVK5lj4_LVs0Wxuaaw6BwGSzeleq00hYkB232KnK6NDNlUWf0-_1-v9_v9_v9foPWczAbFL7v0DocR64fZ3bxPYgNCkUsEVykE83ZYXp5_G6LWKI0XaQTvejlMdr9Zr_P-ZcMJoO9YrLX_M0Oy-9pN3neQofH61Y7zL6H5eVWeExP28stsbwcHqNdaHqbLWKJ4HSRTkQv4-mi_iOHGC3nqtlcsdrMFcPdKgEAAAAAAAAAWIJJppsAAAAAOBnUbrabrNbpYCajwXCyWi6AC4ZWXT_hZlNgrILbxRp7DGHODtPL43dbGcAFwyqzzT4jiLVaLWsAAAAC2AAAAAK46cabQHQo7v___38cAAAAGTn0AAAA6PcBScUduVLohfMriMFwtdo_ABVirVar2421Wi0!&cmcv=&pix=31579697&cb=1682901198791&uv=3270&tms=1682901198791&su=3&abt=id5mc_vA!nonrv_vA!tbt_lite_unit!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Mon, 01 May 2023 00:33:18 GMT
via
1.1 6e873fe6803a6da3d6232f8bb9104e9e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
YUL62-C2
age
1188344
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-yul12827-YUL
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1682901199.844838,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
0Wwp0qQPTOe4z1VTy46V7usYwzVot9xEt7H5eXIsV8sUReRowYzRVA==
x-cache-hits
498613
vevent
nym1-ib.adnxs.com/ Frame F858 		0
949 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&e=wqT_3QLIFejICgAAAwDWAAUBCMyRvKIGEMX54Zbbp_OuWxgAKjYJ6kFBKVq5wz8R3-LhPQeWvT8ZAAAAIIVrIUAh3w0SACkRJNAxAAAAgOtR-D8w1eb0BTibNkC4aEiRBFD0jYSyAVj410BgAGi_41l45M8FgAEBigEDVVNEkgUG8JWYAQGgAQGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAu9E4ALY0TXqAk9odHRwczovL3NsYXRlLmNvbS90ZWNobm9sb2d5LzIwMjAvMTIvc29sYXJ3aW5kcy1oYWNrLW1hbHdhcmUtYWN0aXZlLWJyZWFjaC5odG1sgAMAiAMBkAMAmAMXoAMBqgOKEQrgEGh0dHABZfCwdHJhY2UubWVkaWFnby5pby9hcGkvbG9nL3dpbm5vdGljZT90bj1mZDJjNzhlNDU1MzNlZjI5ZGY4OGU3NWZiYzE2Mjc1YSZ3aW5sb3NzPTEmaWQ9YWNjNWVjYjkzZWIwMDFkMzE1NmEyMmMyNWUyOWFlOTkmc2VhdF9pZD0ke0FVQ1RJT05fU0VBVF9JRH0mY3VycmVuY3k9JHtBVUNUSU9OX0NVUlJFTkNZfSZiaWRfMjcADEJJRF8BNghhZF8yGAAAQQkXBZMMJmltcAEeaDY1ODM2NDM4OTUxNjI3NjQ0ODUmcHJpY2U9JBWH8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4MjkwMTE5NiZkcD1UZVRReFpsUEltcWliLV9LNHNLYUd6RlZWVGtzcklHLUVvWWxLWHJZVjZVJmRzcAF49EYIMjImdXJsPWJkUndrTGJoODhISkdKMWpZNTlad2dCaXRVaHJlOWdUZnNnUWRNNU01SmZIc3M5bzM3dUViU3NpRDdhZl9ncjg0VGFBYUw3Sy1JcDJZaHp5Y2IxSUpzcEJlcFVQaTBxcTU0ZjNueFNSRnlXOVI5eWFNMjZpN2M4T0Eyc1p5bGdNOHp3UlVQcVcxLVJSWXlCTzVLX0FmN2lveFhDNGtndGJtYXFNbHBsbm91QnpOdFpBVnAtc29pRkpZVGg3OUM5T3B0ZGF0NlBMZ1JHNXNFVUo2WENRcHZfUGpQakRvUzVDR3J4T2lpcGNRUVRaUWhzd0xJRml1QldZNzRaQUVjTlFDODY2dXUtSmF1a2dpM0NvRGxHaklPX1NpQnoyeEtKblNmWWZjQ3dKMkdGYlFxOGNibV83Mmpyd3JEVFNxWXFZYXRiRlphMHo0d0ctWEZXQzZGQ1hpd1I2MzdOMmIwcm9XR3haOHRDU0FvSVpZUmk1U3BaSFhuQm1IYkFlMVo5MGlZVWNKcGJLYWVPempMLTBHVFBES0N0MFk4cHZTMDdUUzh6d2JRTlg0a1VkdWh0Q1NoQ3p4R1FrSkxIWWZiR3owV2NYYVE2aWd4NzJfU1JPY1VBdFpIcEMxNHJwdkV6MEVHTjIya2t1cUFMdllCclpBbXJBdXRFcVJxLXpUeEJTVnRlMmR5eTBRZm85ckxLNWRxVWNOcThZc0kwN3ZTNExTUzIySHlaRVNyd1NfZzhENUgxTVNKN0hIS0Jmb0xnWXFhXzJYME1nYmJwclZvenVXUGdLeGRNZVBFUVc4UmpLbERndGotSWJkS1BUbzlJVFQzTzdDRXNrQVRNNUF1M2FfeTFHM01fblpkb3Y5UHlRcVVQaHNDVGMwRjN2VmwzZFk1NGZQYzFGcUtDaDlyalVCYmpWck5keXZoSEhlLVNjdU5ZamhqYy1pemVQYmxROTlVRE1zdU9XNV82RXdZVTFmQWlhOVE5X05jRFlGR25PcU1pWTBKbFdhMzVKTG1SeVNMSzVLM2tZOHpma0lsRjZQRnJGM2lxVHF5bHlka0dYRURoZ3l1RkxmY20zY2p1V1FNRnduM3dSeXRjbzBmRVZzTC1NY3BpX1ZkOXBTYlhVZjh3bGxxYzFWNmQ4dDFQNlN2LXdWd0lqUW5pbEdGd0YxQ2FCMFU1N1dXZ09PS3pQRkhsUTJFbGdoT0gxcTFNQmxNMHdNMzkweXdpY1UxVFNSWjdJV0pTQkhBb2E1dS1jMzY2cEE0NmI1Y1l3TjRaaWMwOWdJVFcybGNGb2V5eFBydDFrZVh2c0JpMEw0V19GdTZWV3ZXTllqd3RhWHpfeE5BVWJnSzNmcWx6bDkyZXRuWWF2aml5aGJFXzBiY05lcTlDYUpWRlJrcGpXVGRPMXQ5dkl4Y3c2UFNDQkhxa1N3VlQtYzVrbWVmbEtqQWVqdERMN0VoWnR3V0RMMVJoUTV0UTdKVnZaWlQyc0dCSjV3UE51M29qMEE5M210V0JqWlhkbDNWMDJrV1lTVmJrSE9SVl81d3NUTXFUSm5sTzRXQTBvZlJVUGM2b1ZvVmo4UGlJOWUxTkZicnM4NGtveURIYnd5bmhfT3pydks0UmFaYWVuM3dudVhHaHZJTjN1ME9ONlVSUHpxd0VhdlpLZ0lOWndjeWtRZVB0N2RXQ0hQVlpCUG5kWVkwMDM1OGxWNDlnb3l3enM1VUs1YTZsbGlpYjVVMGEzYmZQZUNaVmxrX09yX3hzenNoQlFpTldIeW1Tc2NmaXJVWHVzVU5QdWI1WDBLM3M1V1NtMmotQk5UREVVZ2JxOGlUQkZ5NWFQNUZSZGhXWnkwQTJVOS1zYURNMXZUYXVNM0NNSS1WeWwtUXloYkJmaDlQaG9pN3JaVU9kaFV3ckVzZWR4UFB0N2JyMGxDTzAxUEI1OEJ0bHdvRnhaQVBwRkhiYWxVUW54OUF6WkFXSjBNMGVuTVJ1VXlrbUVzbnhFejlybmZUZkcyTG1jOEJsWTB4cHg5QmpjMjU3XzNSTDNpcnhzZkpubEJyeEFxZTBPYUk2d1UzS25GaWY2QmxaZkp6dmxJSmxCcVpOdU5vNVJ5YmllQUl6dXZGaldLb1RTTGJKRFBZbXBfVTR2Q3MyY0NaSWVCc01pOFJldGJuTTIwM2xPMEV2WVhORXc5QnhoYk81YmxiNnIwb0xDTHZ1Vk9FYXM5Rk02T1UtOHVyNUNpNlFoTDZYQW9UTXZNclZkN19sbWZMVGRiNFBURmhnYm1YVVlaLUtva1BlLTlkVkRkQlVJak5IaCZzcD1sRlVTRHc5cExjOC1NNllhY25TLWc2Qi1WM3ZZLVhKVVlxM1JXZjdDYlRFGhM2NTgzNjQzODk1MTYyNzY0NDg1IgkzNzMzNjAzNzIqBTEzMzY4wAPgqAHIAwDYA9QZ4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg3qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEoa_xE8gEANoEAggB4AQB8AT0jYSyAYgFAZgFAKAFte6M49Dmr6QswAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFo48e-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_aBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYM8gYCCACABwGIBwCgB0G6BwgqBDEtLS1AAcgH5M8F0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AeRgAiKCAIQAJUIAACAP5gIAQ..&s=0836d74a87e16091ef1598bdda665a03ec74e6e2&type=pv&jm=1003&px=315&py=216&bw=970&bh=125&sf=1&sid=7444565871528178325&vd=ct~0|rr~5&sv=232&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=12399445&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:18 GMT
AN-X-Request-Uuid
fd24d830-bc9a-4712-b868-1cf02684157b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		201 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
a30c2660d5d677ca4bb908389052eaf7591c938ef3c0e1ecde7e3c62b7fb787b

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
av
taboola-d.openx.net/v/1.0/ 		48 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=0&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://slate.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
tag
gklfs-x8k98.ads.tremorhub.com/ad/
Redirect Chain
  • https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-z91iz&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fmagazine-api.taboola.com%2Fvideo-content%2F-1...
  • https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-z91iz&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fmagazine-api.taboola.com%2Fvideo-content%2F-1...
1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-z91iz&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fmagazine-api.taboola.com%2Fvideo-content%2F-1849738329230163084%2Fflavours%2Fmp4_480.mp4&srcPageUrl=https%3A%2F%2Fslate.com&contentLength=NaN&gdpr=0&us_privacy=1---&_tur=T
Protocol
H2
Server
2600:1f18:612b:4280:7c71:c298:8e44:b36d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
bb30f53f2ec33b0b0c17901ef503e51ff2f063d1ffb5352b183f84e67d58b803

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://slate.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD

Redirect headers

location
https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-z91iz&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fmagazine-api.taboola.com%2Fvideo-content%2F-1849738329230163084%2Fflavours%2Fmp4_480.mp4&srcPageUrl=https%3A%2F%2Fslate.com&contentLength=NaN&gdpr=0&us_privacy=1---&_tur=T
access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
13988607
ads.stickyadstv.com/vast/vpaid-adapter/ 		796 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/13988607?_fw_gdpr=0&schain=1.0,1!taboola.com,1510573,1,-394321111&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
f0aee2549e7bfd48fd1ffee88ada8efd14b6cb5e074322682b285968326bddee

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:18 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1682901198973037-290
httpapi
api2.amplitude.com/2/ 		94 B
287 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-1.1.4-min.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.93.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-93-196.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e200a6c1a6abc62b91fa6dd0dccb47e05ea45cac5b49b8c5cbb21253a7726072
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:19 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-644f08cf-016716bc0bf96cbf10842a47
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.93.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-93-196.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://slate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Mon, 01 May 2023 00:33:18 GMT
strict-transport-security
max-age=15768000
activeview
pagead2.googlesyndication.com/pcs/ Frame F858 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmJBWekez3HEFBkERneV8IrrFEgd-ICNZORjt2hmxstQLX2I01G0WHnnFMKHTp-HnEqHYRE-vXIa6A3Dn5njEeuJ9pkfrJixa7qwpAIoatgt7p-iBn&sig=Cg0ArKJSzMqORsHFTk_iEAE&id=lidar2&mcvt=1005&p=216,315,341.390625,1285&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=275029715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682901197032&rpt=881&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304260101&jk=1435026483694479&bg=!8POl86fNAAb9Sbh13Uk7ADkAdvg8Wl1WS7qnM30soGh0tO5toVaR4BsHpUvAVSo89MD8w_XkYtWgBkRO7CHAd9L2-0hBjUtIAxMCAAAAVlIAAAADaAEHCgAEqB00uZkC2-cJ8T1SaGEdC9iO0baG0ekbrE_hB161Z8iRg_s4_SNfHlFDIs4EqezMtBcpG9Lef9ymfxwZld7FDvqzVptJqoepFfr_5NKMVyFNRSOGoN3fEUHtydq7zMUCs_mrMsq36jh9-eNHFXz_BDH1BK2s9ClJUBvlSZy-TYlhOuZeY7zE2XK-7KolFvXUpVZb2o5a6w5BccMeOU0-nh4QX_a6CA5mtM40PkynUGcHAXTmd3QKP8I1hBvOk2N_Jz9Fbb-m_Y3FtwQQ8yhcAkBK_VjMNRw5oqDcdWsGfVDjzmZMuoza4mD_gwp13AgI0X2bpifLNO5F3haGRAiFOSB0Ph8t-g1SUs_jisnA5wjyORGGY5awuNAQR7Wc_Hk53uOLTv1mUnBloMnP4qxiVjslQu_30aSURmMCODJL65S83tptoX-1kaDw_-4Tvs9ugblbKD2vz8b9MDPWKH7GmmE1XceFasXFRnTWE55HKCcB3LzIAp2Ur_5QlMIKOnTM3TSeVmoat61IN21IRXf12LVNs_8Or6zgZIFLVuri-DJxOEv5Lo7zpHBauCe3jNCysFoGnaqJ7wonjkwmTVCq3AKHZR2Pzd_GgkFJ_GuklbNF3jFMh15zHjWWOuZNopBSd1qnZ3gbxEugy7RTPa8LrMMzDEI5e6dNiDTP8rcdh3d9iW_YiZ7-TKAxw8WHovsx_ESc2mX_D4o8Asl_83mv8_ZEqm3DA3TgktkMXGmLPBE3nqRLyH103aMdmww1EUn0bYtlTJDFajaI17xo6asI0hPanmYeulWuGJq5lJyI-JBoPHamGudt749KjmeZLvPSGvvr9V4whNqx2BAbp6v88LmBwUHEYEaQ5zhSkd2IOkIUGwRxVsNY0KBawFZdBzGyEGUtImt1eD0eVVBQikUsGMCfBKngPpaUzVKwYDXOSGtcNDr68tPb--ZuwxpOWeSy__OlXurP3CT-Mhyr2XP5XfK5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame D772 		443 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3775b2253694eeaf0214b74d44e271c33bb635a547c1e2c95a48285bac8ed152

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Apr 2023 15:08:56 GMT
ETag
"64493e88-6ea45"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=18450, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Mon, 01 May 2023 05:40:49 GMT
syncnoad
partners.tremorhub.com/ 		1 KB
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=adgear%2Cstackadapt%2Cadelphic%2Cscaleout%2Cbeachfront%2Cdeepintent%2Cemx%2Cappnexus%2C1%2Cacuityads%2CTubeMogul-GP%2Ctremornet%2Cadtheorent%2CPulsepoint%2Crocketfuel%2Cbucksense%2Cbrightroll%2Cindexexchange%2Cblis%2CBidTheatre%2C_dmp_turbine%2C_dmp_krux%2Cadform%2Cdemandbase%2Cmadhive%2Cthetradedesk%2CTapAd%2CRadiumOne%2Cquantcast%2CBidswitch%2Csimpli.fi%2Cdataxu%2Cbeeswax%2Cgoogle%2Cexponential%2Cdynadmic%2Ccentro%2Cconversant%2Cadvangelists%2Cmartinai%2CVideology%2C4Info%2CSundaySky%2Cportodsp%2C_supply_taboola%2C_dmp_adobe%2C_google_dfp%2C_dmp_lotame&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&init=true&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
253fb014bf2106601cbbaab9f49394703bdff2da00227172b2de2afd84c2247e

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 5E6F
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZE8IzcCo8X0AAIOrpPkAAAAA
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZE8IzcCo8X0AAIOrpPkAAAAA
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24476

Redirect headers

Date
Mon, 01 May 2023 00:33:19 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"149.56.153.187","key":"ZE8IzcCo8X0AAIOrpPkAAAAA","privacy_sensitive":false,"uid":"ZE8IzcCo8X0AAIOrpPkAAAAA","upstream_id":"a-ad40135"}
X-SO-Key
ZE8IzcCo8X0AAIOrpPkAAAAA
X-SO-Upstream-ID
a-ad40135
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40135.dc2p.scaleout.jp
X-SO-UID
ZE8IzcCo8X0AAIOrpPkAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
149.56.153.187
X-SO-Cluster-ID
0
Server
nginx
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZE8IzcCo8X0AAIOrpPkAAAAA
Cache-Control
private
X-SO-Ads-Time
149
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 5E6F
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=d78a25f59dfa4cba9c...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d78a25f59dfa4cba9cebcc624d038777
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d78a25f59dfa4cba9cebcc624d038777
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24476

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d78a25f59dfa4cba9cebcc624d038777
date
Mon, 01 May 2023 00:33:19 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 5E6F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 5E6F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LH43X5G9-W-CF1I
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LH43X5G9-W-CF1I
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21631

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LH43X5G9-W-CF1I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 5E6F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b?gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-m8.CWiBE2oRbWeHt6lQWSC_CUMmLVtvbQ7De4A--~A
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-m8.CWiBE2oRbWeHt6lQWSC_CUMmLVtvbQ7De4A--~A
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21631

Redirect headers

date
Mon, 01 May 2023 00:33:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-m8.CWiBE2oRbWeHt6lQWSC_CUMmLVtvbQ7De4A--~A
content-length
0
/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame 5E6F
Redirect Chain
  • https://trace.mediago.io/ju/cs/taboola
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=86d0265f255686f2b6858b82dd891b02
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=86d0265f255686f2b6858b82dd891b02
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21618

Redirect headers

location
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=86d0265f255686f2b6858b82dd891b02
date
Mon, 01 May 2023 00:33:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
content-type
text/plain; charset=utf-8
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 5E6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHtwWfqo5SFvB76vBWR5WdQ&google_cver=1
0
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHtwWfqo5SFvB76vBWR5WdQ&google_cver=1
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
13
date
Mon, 01 May 2023 00:33:19 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1682901199.217749,VS0,VE13
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12827-YUL

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHtwWfqo5SFvB76vBWR5WdQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5E6F 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b:$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 5E6F
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
Protocol
H3
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21631
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 5E6F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ceafc3a-8e26-4266-b01b-ef810856e5c7
0
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ceafc3a-8e26-4266-b01b-ef810856e5c7
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
13
date
Mon, 01 May 2023 00:33:19 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1682901199.209441,VS0,VE13
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12827-YUL

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ceafc3a-8e26-4266-b01b-ef810856e5c7
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame 5E6F 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&us_privacy=1---&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 5E6F 		49 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 5E6F 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 01 May 2023 00:33:19 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 5E6F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a96db30a-0d1f-4437-bc2e-f7734502baa1
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a96db30a-0d1f-4437-bc2e-f7734502baa1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21673

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:18 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a96db30a-0d1f-4437-bc2e-f7734502baa1
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1158458
content-length
0
expires
Mon, 01 May 2023 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 5E6F
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F6%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/6/2.gif?puid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/5/3.gif?puid=5f481e3f-fe26-4643-95a4-3f53617d0aae&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/4/4.gif?puid=a4b4a278-70a7-4dc9-98cf-67badbab2011&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-8f2ecMn3ZDRpurp-JBF-C-cwDOLljfJZqEjb-WN-ZA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F3%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/3/5.gif?puid=778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/2/6.gif?puid=E3AD1B54C2BEBE75&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/1/7.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/1/7.gif?puid=1217742735073133822&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=2ceafc3a-8e26-4266-b01b-ef810856e5c7&ttl=%%TTL%%
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-8f2ecMn3ZDRpurp-JBF-C-cwDOLljfJZqEjb-WN-ZA
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-8f2ecMn3ZDRpurp-JBF-C-cwDOLljfJZqEjb-WN-ZA
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24318

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-8f2ecMn3ZDRpurp-JBF-C-cwDOLljfJZqEjb-WN-ZA
date
Mon, 01 May 2023 00:33:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 5E6F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4836568124463724454&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0917a668-00c7-4069-99d7-f5e021233ae9
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0917a668-00c7-4069-99d7-f5e021233ae9
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21895

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0917a668-00c7-4069-99d7-f5e021233ae9
Date
Mon, 01 May 2023 00:33:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 5E6F
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e223b357-3f09-4481-9c10-8628c1a24a7c
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e223b357-3f09-4481-9c10-8628c1a24a7c&tbid=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&query=taboola_hm%3De223b357-3f09-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e223b357-3f09-4481-9c10-8628c1a24a7c&tbid=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&query=taboola_hm%3De223b357-3f09-4481-9c10-8628c1a24a7c&isDirect=0
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 01 May 2023 00:33:19 GMT
via
1.1 varnish
server
nginx
x-timer
S1682901199.494421,VS0,VE12
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12827-YUL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e223b357-3f09-4481-9c10-8628c1a24a7c&tbid=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&query=taboola_hm%3De223b357-3f09-4481-9c10-8628c1a24a7c&isDirect=0
date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24816
sd
u.openx.net/w/1.0/ Frame 5E6F 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 5E6F 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&dongle=tbla
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 5E6F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ruPoSpZIUIJ7GLwbam2kAZU4mbs
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ruPoSpZIUIJ7GLwbam2kAZU4mbs
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21673

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ruPoSpZIUIJ7GLwbam2kAZU4mbs
Date
Mon, 01 May 2023 00:33:19 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 5E6F
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:33:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 01 May 2023 00:33:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
t.adx.opera.com/ Frame 5E6F 		35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:19 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 5E6F
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=cce96428-d4d0-480a-99d2-97ad3854c548
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=cce96428-d4d0-480a-99d2-97ad3854c548
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21631

Redirect headers

date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=cce96428-d4d0-480a-99d2-97ad3854c548
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230430-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 May 2023 00:33:19 GMT
x-amz-request-id
ZAK4FD2E2P8MSSD3
age
3362
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
V0c8gILtYp37FWXhcXdQojKeSQFpHITDXRHuVnvWCLK7rCdcoYnpLZyoXbDe/nSz/8OPQX7zNUM=
x-served-by
cache-yul12827-YUL
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1682901199.183530,VS0,VE1
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
44
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
3475170
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230430-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 May 2023 00:33:19 GMT
x-amz-request-id
Q3ERA9VTRD55JBY1
age
10940
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
UUMJVpvIZIvyQ22D+SDZRaO7/6yI3tG7JsuWzRq09Cf8ExmuPRI8X1vhSkWaCi+MY3QYN59kQmA=
x-served-by
cache-yul12827-YUL
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1682901199.183456,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
44
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
34603
eidf.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eidf.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230430-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 May 2023 00:33:19 GMT
x-amz-request-id
MDF5YJ4JPHMV135K
age
9722
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6467
x-amz-id-2
/0TARI9ylAJTtdJm2wdojYI6Jg6CZKI/p48bHg5JJJxgG8TBC90GLh4JuJBP312yN5EOCZz5/3Q=
x-served-by
cache-yul12827-YUL
last-modified
Sun, 02 Apr 2023 13:49:08 GMT
server
AmazonS3
x-timer
S1682901199.183493,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
44
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
39235
/
pips.taboola.com/ 		4 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yul12825-YUL
date
Mon, 01 May 2023 00:33:19 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://slate.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:19 GMT
cache-control
no-store
server
nginx
syncnoad
partners.tremorhub.com/ 		1 KB
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=google%2Cdemandbase%2Cportodsp%2Cconversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b20b68186a8e5458fd25cc956d5417ea59c956a6a41f0649014789e3c99e14a6

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=demandbase%2Cportodsp%2Cconversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
11da00078a3b3a63fc2dbe4f8cbaa58eb6c94dc581a2f49f393e706cc41d9ec9

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=portodsp%2Cconversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
2105fb750d01ccfed1f95c02b46ad17a843b5fb731115c11becd4df59a797201

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame FFF4 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame D772 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1682901199364
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:19 GMT
Last-Modified
Wed, 26 Apr 2023 15:08:56 GMT
ETag
"64493e88-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://slate.com
Cache-Control
max-age=49182, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Mon, 01 May 2023 14:13:01 GMT
ping_match.gif
pm.w55c.net/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=561da2bcf86ab95f3de431e97b461c5f&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o0f8a_7228005612105001286&gdpr=0&gdpr_consent=null
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTYxZGEyYmNmODZhYjk1ZjNkZTQzMWU5N2I0NjFjNWY=&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIhpzq4FKCz2LyHcyJCa8bU&google_cver=1&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAErwE7InhIAACEgpNW--w&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/561da2bcf86ab95f3de431e97b461c5f?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-z00hXk9E2oNZfsQ5BXZA6dcBsb26dCynkxpQaa6r~A
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=c5daa5f8-e7b7-11ed-81c4-b1999ba94c6c
  • https://jelly.mdhv.io/v4/pixie?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=c9ddfb3e-fb4d-4385-b470-78422aa2bf32
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5043119&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=1608ec07-25bd-4a37-83ed-b449872e489b
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
0
0
syncnoad
partners.tremorhub.com/ 		1 KB
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=conversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
624123e08565d80f24b264535b2168c174c9d93e0862f0d11959dfe81d43bbb0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
/
ads.stickyadstv.com/additional-scripts/ Frame D772 		301 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=13988607&loc=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:19 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1682901199423006-167
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame D772 		67 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=13988607&_fw_gdpr=0&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1510573%2C1%2C-394321111&vav=cb9240473d763e470237b18a0700e94a&vaviv=c935a716291387bc832bf63ea7f5d80e&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.7.0&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:19 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1682901199413065-317
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncnoad
partners.tremorhub.com/ 		1 KB
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=TubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
bf7bf5bbd672e8902673cd254c55d5a64b899a32aef072e9f68de54eb74aac6b

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTYxZGEyYmNmODZhYjk1ZjNkZTQzMWU5N2I0NjFjNWY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTYxZGEyYmNmODZhYjk1ZjNkZTQzMWU5N2I0NjFjNWY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:19 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTYxZGEyYmNmODZhYjk1ZjNkZTQzMWU5N2I0NjFjNWY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1682901199449026-270
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=561da2bcf86ab95f3de431e97b461c5f&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=561da2bcf86ab95f3de431e97b461c5f&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZJY1Q7Q2SVBBNRS9PD9H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:19 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=561da2bcf86ab95f3de431e97b461c5f&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1682901199482006-295
segment
api.permutive.com/clm/v1/ 		65 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e6ea7385c5e0f6b39167f61372c7c480d5467d0a5befbc3f88e04f8aa3e3a783

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:33:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
content-type
application/json
syncnoad
partners.tremorhub.com/ 		1 KB
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
2a0fac24642299cfd0a7e4b2b1be6919c9bfc46f87f4e1f9ca8faac4ed7c29f3

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
907 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=dataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
9ce2706e0cf26572acc4adbceba6a52f2bfc5b3eb9c9f98cd736322ac3c112c7

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		64 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=homyv5Uzpu&tbc=%7Bkpex%7DsIg4-F_FsXcXKfqfOShuJ5pFJReCzzglaeIZHHGha6Y5xDJ1KBMEvrL3S3bmLE25&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp8580
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8833ed51f602a3421682dd811ae9d15a574ea9ebffde6055d6fd1ffcec016822
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:19 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
MISS
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MjveytrJhs8
wn
prod-dash-10-0-80-172
last-modified
Mon, 01 May 2023 00:33:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-time
0.002
cache-control
public, max-age=86400
cf-ray
7c03eeb0fd4d7151-YUL
expires
Tue, 02 May 2023 00:33:19 GMT
syncnoad
partners.tremorhub.com/ 		1 KB
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=tremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a92295e29788ce06fa66f5cb8f42bd3235fe261d96da97f0f424028270eda944

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=Videology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
eba09f29a0cdea4d1aeba54d4152732ab437c23c49ddce098e77a5fed7cb672d

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=thetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
9fca6200e6de89e0c392a3e843c61e3ee1c962eb130a39046c127a7bb5f6f882

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=appnexus%2Ccentro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
115f5d7641e853723d5e8e94ea54135addb3529d2c54615de395ed8a16155804

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1003 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=centro%2CBidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
09fb978479698afec8d4eb3f442039999bf88fd12f625bcb53bb3b94f62b2d34

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		977 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=Bidswitch%2Cstackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
9137eb947ab0366f4105310ad8ef766be8afbb853bb26fda86fd71ba251fc382

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		969 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=stackadapt%2Cscaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
81844d3605df6da453231ef27f210bd7ce101daf4ee0da86abc7eb39af3feea0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		963 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=scaleout%2CSundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b3523e4b6b33ae2aabb2f7dc70e3d95dd4ea3eb6cfdf70adec7b8dbae954e988

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		944 B
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=SundaySky%2Cdynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
d4069a55d26ae713f49eadc49069b29480bbf323628fb1358cf2d81a1d630afe

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		966 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=dynadmic%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a7128527e7bb40dc1991ec7abb72edcdc0b2e380c6f2d5dcf0bad380392f3aa5

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		924 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=BidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
46f39bfaf1e3b1be1588fb14c6dc8efe7e1d259d11fafb1f5c2b179bc0ba0fce

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		948 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=beeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b72ae9b2d98960315a7699e4af212e3d2893236c817cefa57db42bbdbc5477c5

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
846 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=TapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
8862f2c85acbd05d6716dfe7883d09b378449b3878e92440a5d936f5a4765fdc

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		906 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=adgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
6eafbd8ea845bbcf3187b65f3051f8a2c0526903e81ace13834af61e095344eb

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		964 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=Pulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
59ae82f4dde9699fe0fb6d325347162a4f0aaf4e64d72d119bff94ab58e97d0f

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		897 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=brightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a0a22c7150eb7a66c6e56dac306c17fc1c94295565013ab603e12520a363620d

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		848 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=beachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
0b55ac6dc6377ef1f39774d580465a17619972d2569ccf1be26c08984f72ed4f

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		916 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=indexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
de26b8f0af54bcd80d7db7f6a8413a75120ca0e76e67ee8a9b32eccb758aeffe

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		820 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=RadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
ca750ccef94a066a39f8975dee2c78755eed5f980a2a209d700aaa25564e290e

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		875 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=bucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
3617bdde2ed21270daf0b4284181826438dd80fc9d96eebe8e7acf3b1f31f627

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		816 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=adform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
5900c116c4f0e5a147c0946c0ed0790116b07cd0cae5f9a9732a017b251b5b35

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		800 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=blis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
116972d702e6899477bc7568ab755f872e25c6a65ea4fdef9a03dc8a411d683b

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		800 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=madhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
cc429e4507860cb9568c00683cb49192b8b3e1b09106fcb3d054be45ad95465f

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		833 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=emx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
5e43ce18d6bd66de1c0bd716378e6c3322b21a725f1c592444ed7bef66fe08dd

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		884 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=exponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b149251aaa2d8711bb9150256673db9baea54864153236e5dabac067c1fedb13

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		839 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=adelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
269ec9d3b42ae3cb5fda4d8c52ac39eabc84ea2aecf25746a609b86ed0125fd6

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		744 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=adtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
ab3651b53a38a644db2190843af20d306d9c05796c5b57609bdf7c7e894aea83

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		718 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=simpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
c2ade1eec15ce760812166a5df316f9349ef7a520cb938accf13c5b48185d4e1

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 6B94 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45964380&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4c4275bd9bf16786d48f0f32fd7cc3c98b6d3117f000daf79fddc28c6e9a8d1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 00:33:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
syncnoad
partners.tremorhub.com/ 		740 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=quantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
bcefdad5d240571deded198671683a6c32bb01e4af970c73f28de13a6a48348a

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
dcm
s.amazon-adsystem.com/ Frame F9C4 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
6G73B95RGTGKTXKR98Z6
Pug
image2.pubmatic.com/AdServer/ Frame 43FE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcndFN0luaElBQUNFZ3BOVy0tdw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAErwE7InhIAACEgpNW--w&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAErwE7InhIAACEgpNW--w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAErwE7InhIAACEgpNW--w&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAErwE7InhIAACEgpNW--w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8433210686061420878&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAErwE7InhIAACEgpNW--w&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAErwE7InhIAACEgpNW--w&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 01 May 2023 00:33:20 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAErwE7InhIAACEgpNW--w&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame A1A5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:20 GMT
Expires
Mon, 01 May 2023 00:33:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master ord-pixel-x3 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:778b644f-08cd-4200-9c5c-da65e0d1f631&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 57D2
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c5daa5f8-e7b7-11ed-81c4-b1999ba94c6c
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c5daa5f8-e7b7-11ed-81c4-b1999ba94c6c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Mon, 01 May 2023 00:33:20 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c5daa5f8-e7b7-11ed-81c4-b1999ba94c6c
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-3
Pug
simage2.pubmatic.com/AdServer/ Frame 9AE5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1217742735073133822&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1217742735073133822&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
c90ee955-80ab-4a37-b50c-98592726afec
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 01 May 2023 00:33:20 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1217742735073133822&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
usersync
usersync.gumgum.com/ Frame 9DCC 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=0F1C5E77-729B-4F92-8E83-B7A886DE1C71
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:20 GMT
Expires
0
Pragma
no-cache
sd
us-u.openx.net/w/1.0/ Frame 6B94 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 6B94 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.139.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-139-137.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:20 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 6B94 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.144.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-144-192.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 01 May 2023 00:33:19 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 6B94 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.233.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-233-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:20 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
c61d16e0-e7b7-11ed-b7ee-0acc96fced03
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-09405cde70f1c9ed1
Pug
simage2.pubmatic.com/AdServer/ Frame 6B94
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
42 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2ceafc3a-8e26-4266-b01b-ef810856e5c7&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 6B94
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q_VtuHtE2uWIRF2axEm8bkdNYNcXHGY-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q_VtuHtE2uWIRF2axEm8bkdNYNcXHGY-~A&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q_VtuHtE2uWIRF2axEm8bkdNYNcXHGY-~A&gdpr=0
date
Mon, 01 May 2023 00:33:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0F1C5E77-729B-4F92-8E83-B7A886DE1C71
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6B94 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0F1C5E77-729B-4F92-8E83-B7A886DE1C71?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:3829:a14e:8be6:e46f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 6B94
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=54229035d4f2068a&is_secure=true&networkId=17100&version=1&nuid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACUr_NLLknWANAesYhAAAAAAA&expiration=1682987600&nuid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&...
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACUr_NLLknWANAesYhAAAAAAA&expiration=1682987600&nuid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:20 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACUr_NLLknWANAesYhAAAAAAA&expiration=1682987600&nuid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6B94
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=pubmatic&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dpubmatic%26bsw_param%3D0917a668-00c7-4069-99d7-f5e021233ae9
  • https://rtb2-useast.marketiq.com/sync?adkuid=A3499120087437666193&exchange=685&ssp=pubmatic&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A3499120087437666193&expires=5&ssp=pubmatic&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:33:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 01 May 2023 00:33:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
syncnoad
partners.tremorhub.com/ 		810 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
877e20b408a30402d439bf0c60191870e5c089be42e291bb202961cbdfa07b49

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		740 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=deepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
2be66ecb040623badb53256cd586051b797155f97754bf2cc70361dfd129c3da

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		782 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=advangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a14389d64bd945f23e5574f37991080b418fe21d22387bfa7d6846474f03f87e

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		706 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=martinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
f0b2b6b0deadda455cabb0dbf7c7d087b8450d680cc5522e1500dbd994e46f48

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		699 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=acuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
84968f9a01c83a3e126aa40184b33a3c42561842018129d1230ec7e363d4c3d9

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		711 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
878908d6ce5642be724d76112af88672ab9559cf8b1e52a37faeac1acfd1e468

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		680 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
45dd69820a1f9f23fd5018bced71dda3a4ecb3125f7007ff77d4a6f98483b154

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		642 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
9ae521c7a3f5395ebb518208a75ad1e32aef8e926d2a3849d6d19e057ac2dda4

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		643 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
7d912096104be646d8b7927d5612623fd13c9740a4bf800ccad14f427bf9f0b6

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		598 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
ca757707a9dbf3c55cd0c8ebaa996f5d39eaca509517b9ebb165ab99edd85d93

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		611 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
3cb301bb622df284ba538a529481caccefc8b7a5ec841a299b9ebf178c4a0d97

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		118 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e150fdcba27b4d7fbe2967562c5eec7f&p=*&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
e81c248b5ead146b62a1d4da26be147cf9873e714e74e66daa5bd113a0e0d2ba

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
VideoBidRequestHandlerServlet
us-wf.taboola.com/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1682901201091&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1514&pt=-763780844&tz=0&viewable=true&ddast=V8-ygCLAbcxoqhqbgJtxG4jRVDU3ETbisAAABgYID-AAnMdivjwjZyi1wLz1q0GTnWEpfDtdYYNxPfxjMYLlcWIyCB2W5lXNhGbpFr4VmLNiPHWuJyuNYa42bi23gGw-XKYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd6zdlhetk1frdf9PIY7X6z3-f8SwaTwV4x2Wv-Zofl97SbPG-hw-N1qx1m38Pycis8pqft5ZZYXg6P0S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA4DJBoHokANC--2my8th9gcAAAAAEAAAAAAkABCYq0sAxMzlnfj_________jzFAn3kj4_____-GQg-ABx8AD0IAAAAuhiQ4BaqaI20xEyGwKsIIAAAAQCVO5u6RSTpBxaLK__9_vxWAKwAAAYfUul0fWXQHJd7CAAAAEIxZoIfF7zc77Bq_22X-_________838n_lHI1RTP5xGeBLFXs0vIADAml9AAAA26gYA4E0AnKBD0IrBYHUCYnYAAAAA7vz____rAaHlxjgaLFcO32JkWZg2holvNRrOdjPTcrnw7Rbek1bDJjDSWlvUJ0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5mfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVkgCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEYzNJp7NbrdbqwYbi1s0Ma3cwt1g5taNXKPdYjIYGYe7tej1MV1Mw-HKNPEiwYCovUieFulEYrG4JqOJx-HbmBYrl3Hh3A0Wk4nJ5hisfDOHaSKWaE4W6UR22ZeWG-NosFw5fIuRZWHaGCa-1Wg4281My-XCt1v4a7OJZ7Pb7daqwcbiFk1MK7dwN5i5dSPXaLeYDEbG4W4ten1MF9NwuDJN_I3ZcLIcLBbL1b4xG06Wg8Viudp36Azf1edsVK5lj4_LVs0Wxuaaw6BwGSzeleq00hYkB232KnK6NDNlUWf0-_1-v9_v9_v9foPWczAbFL7v0DocR64fZ3bxPYgNCkUsEVykE83ZYXp5_G6LWKI0XaQTvejlMdr9Zr_P-ZcMJoO9YrLX_M0Oy-9pN3neQofH61Y7zL6H5eVWeExP28stsbwcHqNdaHqbLWKJ4HSRTkQv4-mi_iOHGC3nqtlcsdrMFcPdKgEAAAAAAAAAWIJJppsAAAAAOBnUbrabrNbpYCajwXCyWi6AC4ZWXT_hZlNgrILbxRp7DGHODtPL43dbGcAFwyqzzT4jiLVaLWsAAAAC2AAAAAK46cabQHQo7v___38cAAAAGTn0AAAA6PcBScUduVLohfMriMFwtdo_ABVirVar2421Wi0!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3240825&dpubid=576725&abtst=id5mc_vA!nonrv_vA!tbt_lite_unit!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fslate.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/132128.328.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
beafe9f247d9ea85944d59c897004957fd13dfdb0d381af62d39ab8c3edfe5da

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
server
nginx
machineid
1167
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://slate.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://gklfs-x8k98.ads.tremorhub.com>; rel=preconnect,<https://jzwjq.ads.tremorhub.com>; rel=preconnect,<http://ads.stickyadstv.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
envelope
api.rlcdn.com/api/identity/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13468
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
sync
eb2.3lift.com/ Frame 9DA2 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bc1e4c932273d9be469621a74dadc6e966ee370016d030a04e51c1a1ae208878

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1114
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:33:21 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
us-u.openx.net/w/1.0/ Frame 3E82 		616 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
379d848b12a26d142930bfa85bc9e5bee22ae87a8ddc211a2f1fd5512cc2e353

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
399
content-type
text/html
date
Mon, 01 May 2023 00:33:21 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
us-u.openx.net/w/1.0/ Frame 33E5 		616 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
379d848b12a26d142930bfa85bc9e5bee22ae87a8ddc211a2f1fd5512cc2e353

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
399
content-type
text/html
date
Mon, 01 May 2023 00:33:21 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BD2A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161864&us_privacy=1---
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32298
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:33:21 GMT
expires
Mon, 01 May 2023 09:31:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 61A0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
615
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7c03eebbadaaab3d-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 00:33:21 GMT
expires
Mon, 01 May 2023 04:33:21 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame BC28 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
615
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7c03eebbadadab3d-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 00:33:21 GMT
expires
Mon, 01 May 2023 04:33:21 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 24D7 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bc1e4c932273d9be469621a74dadc6e966ee370016d030a04e51c1a1ae208878

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1114
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:33:21 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame DD86 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: slate.com
URL: https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:33:21 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=2ceafc3a-8e26-4266-b01b-ef810856e5c7
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=2ceafc3a-8e26-4266-b01b-ef810856e5c7
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=2ceafc3a-8e26-4266-b01b-ef810856e5c7
Protocol
H2
Server
35.169.95.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-95-213.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
beacon-n030-ash-prod.krxd.net
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=40 t=1682901201
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=2ceafc3a-8e26-4266-b01b-ef810856e5c7
date
Mon, 01 May 2023 00:33:21 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a018-ash-prod.krxd.net
sync
ups.analytics.yahoo.com/ups/58294/ Frame 3E82 		0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=65170482-e6bb-4314-b85b-57210e8a9595
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame 3E82
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=1e15f86d-f396-4f3d-b405-16d8a0b20024
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMWUxNWY4NmQtZjM5Ni00ZjNkLWI0MDUtMTZkOGEwYjIwMDI0EAAaDQjRkbyiBhIFCOgHEABCAEoA
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1e15f86d-f396-4f3d-b405-16d8a0b20024
42 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1e15f86d-f396-4f3d-b405-16d8a0b20024
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1e15f86d-f396-4f3d-b405-16d8a0b20024
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 3E82
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1217742735073133822
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1217742735073133822
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 01 May 2023 00:33:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f72fd758-6093-4652-91a6-4ec76153b234
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1217742735073133822
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3E82
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 01 May 2023 00:33:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 3E82
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8IzAAGrfCaLwAp
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8IzAAGrfCaLwAp
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12824-YUL
pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682901201.229637,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8IzAAGrfCaLwAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame 33E5 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=65170482-e6bb-4314-b85b-57210e8a9595
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame 33E5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=1e15f86d-f396-4f3d-b405-16d8a0b20024
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwI0ZG8ogYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwI0ZG8ogYSBAgCEABCAEoA&google_gid=CAESEFiK8zz2SwgpG30B8iv_qrQ&google_cver=1
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c52b774a-99e0-4ad1-87fd-2034661df0c9
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=c52b774a-99e0-4ad1-87fd-2034661df0c9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=c52b774a-99e0-4ad1-87fd-2034661df0c9
date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 33E5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1217742735073133822
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1217742735073133822
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 01 May 2023 00:33:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e591ac73-fd4d-41c1-8fbc-f0653c8dfa81
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1217742735073133822
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 33E5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3339306244832130287&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 01 May 2023 00:33:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 33E5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8IzAAGrfCaLwAp
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8IzAAGrfCaLwAp
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=5&ph=9acd25d6-8da2-412c-9970-252825fa0fef&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12824-YUL
pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682901201.249957,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8IzAAGrfCaLwAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 9DA2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=2ceafc3a-8e26-4266-b01b-ef810856e5c7&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=2ceafc3a-8e26-4266-b01b-ef810856e5c7&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=2ceafc3a-8e26-4266-b01b-ef810856e5c7&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 9DA2
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 9DA2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIc-z6FOKUS6V3Ts5BNl2N0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIc-z6FOKUS6V3Ts5BNl2N0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIc-z6FOKUS6V3Ts5BNl2N0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9DA2
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 9DA2 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3260224274252108573155&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 982BB545F44D421398F34C5CD2790BB7 Ref B: YMQ01EDGE0308 Ref C: 2023-05-01T00:33:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6lvhLKX5L3qxIEsL3yQ==
xuid
eb2.3lift.com/ Frame 9DA2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3260224274252108573155&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=475f171f-2d03-4c54-a528-a5f985cf9af9&ssp=triplelift&expires=30&user_group=5&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9
  • https://eb2.3lift.com/xuid?mid=2409&xuid=0917a668-00c7-4069-99d7-f5e021233ae9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=0917a668-00c7-4069-99d7-f5e021233ae9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=0917a668-00c7-4069-99d7-f5e021233ae9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 01 May 2023 00:33:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 9DA2 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3260224274252108573155&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:20 GMT
last-modified
Mon, 24 Apr 2023 16:43:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7E599EA124B647F69401067AE6D3D5F0 Ref B: YMQ01EDGE0807 Ref C: 2023-05-01T00:33:21Z
etag
"97b0d0f2cb76d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 9DA2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3260224274252108573155?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-NosvrzVE2oQsdZeB1geGhP.I3h_lWbXYGVOhYu7atQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-NosvrzVE2oQsdZeB1geGhP.I3h_lWbXYGVOhYu7atQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 01 May 2023 00:33:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-NosvrzVE2oQsdZeB1geGhP.I3h_lWbXYGVOhYu7atQ--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 9DA2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=HFec2YkIGWgZAP77xHbg&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBDGKYZSLFVUS...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HFec2YkIGWgZAP77xHbg
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HFec2YkIGWgZAP77xHbg
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HFec2YkIGWgZAP77xHbg
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 9DA2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1217742735073133822&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=1217742735073133822&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 01 May 2023 00:33:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5ea1ac8a-d2e2-4988-8b96-107cb1630092
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=1217742735073133822&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame DD86 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad153145535384b64b055ab14a32c0078416de71e27b9097e0bb027a5b823a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:33:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Apr 2023 15:25:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53561
Connection
keep-alive
Content-Length
10020
Expires
Mon, 01 May 2023 15:26:02 GMT
xuid
eb2.3lift.com/ Frame 24D7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=2ceafc3a-8e26-4266-b01b-ef810856e5c7&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=2ceafc3a-8e26-4266-b01b-ef810856e5c7&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=2ceafc3a-8e26-4266-b01b-ef810856e5c7&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 24D7
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 24D7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIc-z6FOKUS6V3Ts5BNl2N0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIc-z6FOKUS6V3Ts5BNl2N0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIc-z6FOKUS6V3Ts5BNl2N0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 24D7
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDIyNDI3NDI1MjEwODU3MzE1NQ%3D%3D
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 24D7 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3260224274252108573155&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3179097799B545D88E54723FA2B215D5 Ref B: YMQ01EDGE0308 Ref C: 2023-05-01T00:33:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6lvhLTVX5KLHA77yakQ==
xuid
eb2.3lift.com/ Frame 24D7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3260224274252108573155&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=0917a668-00c7-4069-99d7-f5e021233ae9&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=475f171f-2d03-4c54-a528-a5f985cf9af9&ssp=triplelift&expires=30&user_group=5&bsw_param=0917a668-00c7-4069-99d7-f5e021233ae9
  • https://eb2.3lift.com/xuid?mid=2409&xuid=0917a668-00c7-4069-99d7-f5e021233ae9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=0917a668-00c7-4069-99d7-f5e021233ae9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=0917a668-00c7-4069-99d7-f5e021233ae9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 01 May 2023 00:33:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 24D7 		42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3260224274252108573155&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:20 GMT
last-modified
Mon, 24 Apr 2023 16:43:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 22BE51C0B11C4EEC996B94E4C21613FF Ref B: YMQ01EDGE0807 Ref C: 2023-05-01T00:33:21Z
etag
"97b0d0f2cb76d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 24D7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3260224274252108573155?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-NosvrzVE2oQsdZeB1geGhP.I3h_lWbXYGVOhYu7atQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-NosvrzVE2oQsdZeB1geGhP.I3h_lWbXYGVOhYu7atQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 01 May 2023 00:33:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-NosvrzVE2oQsdZeB1geGhP.I3h_lWbXYGVOhYu7atQ--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 24D7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=HFec2YkIGWgZAP77xHbg&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBDGKYZSLFVUS...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HFec2YkIGWgZAP77xHbg
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HFec2YkIGWgZAP77xHbg
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HFec2YkIGWgZAP77xHbg
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 24D7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1217742735073133822&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=1217742735073133822&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 01 May 2023 00:33:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5687246b-3f34-4233-af4d-5b84bf55914c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=1217742735073133822&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FF33 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
ba6b180d3a10a32e1a01408d0ee657312f70bf9cf82771d5e23f49caef342348

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1894
Content-Type
text/html
Date
Mon, 01 May 2023 00:33:21 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame 7661 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
4494607ae7dec8176ebb910d1f0dabc268d69962c1e3e722013f4112c1b7d9d1

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1515
Content-Type
text/html
Date
Mon, 01 May 2023 00:33:21 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
crum
dsum-sec.casalemedia.com/ Frame FF33
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1217742735073133822
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1217742735073133822
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 01 May 2023 00:33:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d4a3c67c-60e1-44f3-86c1-6f524b278d35
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1217742735073133822
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FF33 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:3829:a14e:8be6:e46f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame FF33
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE8IzAAGrfCaLwAp
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE8IzAAGrfCaLwAp
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yul12824-YUL
pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682901201.402367,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE8IzAAGrfCaLwAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FF33
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:3829:a14e:8be6:e46f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB
date
Mon, 01 May 2023 00:33:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame FF33 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE8IzFXUuxVLPNY5y8A8iAAAAKwAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RF7EXX8DCVPF9EDRDH21
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FF33
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE8IzFXUuxVLPNY5y8A8iAAA%26172&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
date
Mon, 01 May 2023 00:33:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28517
crum
dsum-sec.casalemedia.com/ Frame FF33
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=778b644f-08cd-4200-9c5c-da65e0d1f631
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=778b644f-08cd-4200-9c5c-da65e0d1f631
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 01 May 2023 00:33:21 GMT
Server
MT3 830 785530e master ord-pixel-x50 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=778b644f-08cd-4200-9c5c-da65e0d1f631
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 01 May 2023 00:33:20 GMT
crum
dsum-sec.casalemedia.com/ Frame FF33
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4836568124463724454&expiration=1684110801
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4836568124463724454&expiration=1684110801
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4836568124463724454&expiration=1684110801
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame FF33 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZE8IzFXUuxVLPNY5y8A8iAAA%26172
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
25531
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c03eebd1fa4a238-YYZ
content-length
43
expires
Tue, 02 May 2023 00:33:21 GMT
crum
dsum-sec.casalemedia.com/ Frame 7661
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAErwE7InhIAACEgpNW--w&expiration=1684110801
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAErwE7InhIAACEgpNW--w&expiration=1684110801
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAErwE7InhIAACEgpNW--w&expiration=1684110801
Date
Mon, 01 May 2023 00:33:21 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 7661
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3339306244832130287
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3339306244832130287
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3339306244832130287
pragma
no-cache
date
Mon, 01 May 2023 00:33:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum.casalemedia.com/ Frame 7661
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=26d2a8f156920564&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAACUr_NLLkngQNziX5RAAAAAAA&expiration=1682987601&is_secure=true
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAACUr_NLLkngQNziX5RAAAAAAA&expiration=1682987601&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAACUr_NLLkngQNziX5RAAAAAAA&expiration=1682987601&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 7661
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E221993AEBB24A2B8493EE00CA67D0D7
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E221993AEBB24A2B8493EE00CA67D0D7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Mon, 01 May 2023 00:33:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E221993AEBB24A2B8493EE00CA67D0D7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 30 Apr 2023 00:33:21 GMT
crum
dsum-sec.casalemedia.com/ Frame 7661
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1217742735073133822
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1217742735073133822
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 01 May 2023 00:33:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a57a01a3-6f70-4075-9a3d-489150793e24
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1217742735073133822
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 7661 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:db82:6d3d:b70e:446a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
demconf.jpg
dpm.demdex.net/ Frame 7661
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZE8IzFXUuxVLPNY5y8A8iAAA%26172?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZE8IzFXUuxVLPNY5y8A8iAAA%26172
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZE8IzFXUuxVLPNY5y8A8iAAA%26172
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
54.200.52.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-52-185.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v044-09f97e658.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
oE53EAnrQQ8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v044-076055c07.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
cO2JYdMARAE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZE8IzFXUuxVLPNY5y8A8iAAA%26172
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame 7661
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE8IzFXUuxVLPNY5y8A8iAAA%26172&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
date
Mon, 01 May 2023 00:33:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28517
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7661 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZE8IzFXUuxVLPNY5y8A8iAAA%26172
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:21 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
25531
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c03eebd1fa5a238-YYZ
content-length
43
expires
Tue, 02 May 2023 00:33:21 GMT
tag
gklfs-x8k98.ads.tremorhub.com/ad/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-ws7ts&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fmagazine-api.taboola.com%2Fvideo-content%2F-1849738329230163084%2Fflavours%2Fmp4_480.mp4&srcPageUrl=https%3A%2F%2Fslate.com&contentLength=NaN&gdpr=0&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:7c71:c298:8e44:b36d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
278da9f3a6fe2ff68372449893bb9b7f82cf3cea0bd935d410757c647624e5e7

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://slate.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
tag
jzwjq.ads.tremorhub.com/ad/ 		119 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jzwjq.ads.tremorhub.com/ad/tag?adCode=gklfs-lsya3&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fmagazine-api.taboola.com%2Fvideo-content%2F-1849738329230163084%2Fflavours%2Fmp4_480.mp4&srcPageUrl=https%3A%2F%2Fslate.com&contentLength=NaN&gdpr=0&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:7c71:c298:8e44:b36d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://slate.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
31127826
ads.stickyadstv.com/vast/vpaid-adapter/ 		67 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/31127826?_fw_gdpr=0&schain=1.0,1!taboola.com,1510573,1,-394321080&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:33:21 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://slate.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1682901201552029-302
syncnoad
partners.tremorhub.com/ 		1 KB
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=demandbase%2Cadgear%2Cquantcast%2Cmartinai%2C4Info%2CBidswitch%2Cstackadapt%2CBidTheatre%2Cadform%2CVideology%2Csimpli.fi%2Cbeachfront%2C_dmp_adobe%2Cappnexus%2Cadelphic%2C1%2CTapAd%2C_dmp_lotame%2Cexponential%2Cblis%2Cacuityads%2Cindexexchange%2C_google_dfp%2Cgoogle%2Cbucksense%2Crocketfuel%2Cemx%2Cbeeswax%2CPulsepoint%2Cadvangelists%2Cmediamath%2CRadiumOne%2Cdeepintent%2Cdynadmic%2Cportodsp%2Cconversant%2Ccentro%2Cmadhive%2Cadtheorent%2Cdataxu%2Ctremornet%2C_supply_taboola%2Cthetradedesk%2CSundaySky%2C_dmp_turbine%2Cbrightroll%2CTubeMogul-GP%2C_dmp_krux&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&init=true&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
94e4531e20329a770458f626eb9cbe307749c18dab3abb53ba98aacadedb2b2c

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=google%2Cdemandbase%2Cportodsp%2Cconversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
d38f41d7be1af37db6f302d4d0fe35ab9ce0b6d515d9cfbbbdf3d05ff737bee8

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=demandbase%2Cportodsp%2Cconversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
036f41fc81b2ad80abc81fde05b38cc453a5accc6f458a8d37805c880b2779de

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
883 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=portodsp%2Cconversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
d20071714e15ece393fefac7bfbc44b45c8a96790b50b62715efc1aad3df244c

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=conversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
209bacfbe693e651ad94cd2e9dd04f4e142b6fa27dcb6b2bda51ec2b403cc279

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
938 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=TubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
1041c260e66342ac9dea8c05ac5b8a321c3a93373c2373203bfbc689bf400849

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
e3998231d75338acb163a0ffa198db479f280cdfdbbe580c1168e2a5fa927f06

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=dataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
af1385f27ad1af080a7075e6f788e4618f0e29d524d8d4e60f60011e4c5563ae

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=tremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
ab8c54fc89b6a487d16cb1f1983ffc38dc364640851453c40b23eef00d3d703b

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=Videology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
544f48ad97ba5cfa37a99a08e15d826b521041ada1ef6f48404cd01a5164edb6

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=thetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
4ef1f9a8cb1a1a308a0fad50cfd8c37cad047b882a1f971bf15465ebcd5c004a

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
857 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=appnexus%2Ccentro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
feddba2ded06c70a7e86adbbaf83077f84af14045443ec5cb9cd1a1d716c789a

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1004 B
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=centro%2CBidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
66ec8f675cdc10f8613cb0af8fd4535a03f83e19009af30d320bbe551d132e09

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		978 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=Bidswitch%2Cstackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
9d9febbfb3aea663e94dcc5ec66cd35c1a8bda8af7bbf043fb34a5e316487a45

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		970 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=stackadapt%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
2201c7bb178e00deb9f87ea811c44c806762ff68339e7831eb684c2884eddc5d

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		956 B
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=SundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
300ab299a65ea1cabc4552a41d104b49197bca453bed6de969b026242f569de1

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		978 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=dynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
44445b00b331449bc05b6b4d2eeae9b6a2a4642458c66ec510c6d10c7517f2a4

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1008 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=mediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
6c2c4249e4dca202256e699a2d1cc04c34cebe6d411fbdccdc08d96168e4807d

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		924 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=BidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
7d9009cf219818e7c961d780b09fb6af729abd0ddae49ee766fb7303db588fc2

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		948 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=beeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a03af8bf7d64a1e87036649f39c57be7407e6854b2ad85760e30afd70bc5bb2e

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		1 KB
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=TapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
0d8e2721b385b60704d6177e3bc711b9f1cd890eb1655371e64c1ea859fd2aea

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		906 B
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=adgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
637fdd90d1fca2cbbb5eb815125ee51016a510da1ece572fec62867921fef8f1

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		964 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=Pulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a06e078a61b4ba465d3a019a7009607bdf844861f1fbf837ed97ab9a14590338

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		897 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=brightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
85572a06db401e12d0f9c4278e97c03970baa11e046d4436ff5e0b1404506caa

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		848 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=beachfront%2Cindexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
f835f4bfc0a9c90c2ffd9305538e414f97e68be51a6ae41cdef78d2af9788add

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame 6B94 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
syncnoad
partners.tremorhub.com/ 		916 B
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=indexexchange%2CRadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
1c196451c2d1e12053237ff5ec394e6954f82ab58208e25cc068581554fc18fd

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		820 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=RadiumOne%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a923940cf3226db34869a09aa235208db76b66fb10d8dd67585bb65a7f28bf13

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		875 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=bucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
8f4a7f0dc50a72635a52e501e781b5b69b0a8850cc486bdec670433faa457fd0

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		816 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=adform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
bc49f3c9b79c3f8a5bd6233ce3c49bf3126244a307e76e27fc50678e96a9ed46

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		800 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=blis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
4cc94c5a3ea64cee8195c271bc8a9eb157dc5e130abc0102fa40090fd743fdb4

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		800 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=madhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
d4db3ea8047c07f945d0adca52aef8e3778acfbf02154fcbc2626928784d49e5

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		833 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=emx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
05c1d5d5b5c3df23e3f23cb86040e07dea601f5fd2fa576efc9af60a97cff1a9

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		884 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=exponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
1a319c1a150edd5df7975516af1428ce8e760373073b0368670401193ed1b6a7

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		839 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=adelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
f31c0502eff8d0cda4913bfd36bd6400c29907c928ef7c75e8b9f70befc2549c

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		744 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=adtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
23a57fb2db797b49419286598549444e33def964eddc7e913b7db274a7d634c7

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		718 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=simpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
4653a93e61f986f5268962ef27a8f47269df53df295dc12899874d85b36f7fcf

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		740 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=quantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
50b0d9b438df5bfef152c612bc43a1a0a16acd60a5fe0cc4e6ea2901cd11b62e

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		810 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
55e345264cf7c7ad9d0da6cc39b7e909e2604ccbbf1f204001aceb8762873017

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		740 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=deepintent%2Cadvangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
612a2c9d192156b4599b2668a0feef403dced746aa825a5b44ed416eb1baf0e1

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		782 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=advangelists%2Cmartinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
95965dc4751886d9d0d156bec22ae77de60b9fc411ba5667c87aa79b34ceb3dd

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		706 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=martinai%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
874a38db2093d33c9e3d66d840d339532b1cdff95b6bc84e2a08a6c0a885bc46

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		699 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=acuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
342b5873ed65ad4c834952ffaefcdb46248de37285fba62795210c025740d920

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		711 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
9e3b17fdf611394823c64f9ccff0bd1963a0f5894a5940b1b28cc80f1eece06b

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		680 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
28427b865849eb648cb94476e1bf4cfef7cdca6c52652226f9ee5aa7e2da5e01

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		642 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
968ae6e9a4f35b44f9a66226f0c1eaafdb1a630cf673e7dffb552390f69815d5

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		643 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a5d975a69a5a3338e00ea9d3f40b59bb24ca768712cd2a32e48edcaa45bb5edf

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		598 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=_dmp_lotame%2C_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
48bac96afb1ecbe424fdeae363cb0d021d72b0938ffdc1caa54b069392ea350e

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:23 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		611 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=_supply_taboola&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
16dd31b13cf1025a6a5fea28c4dbbc0d44bf00c2ca337ebd03609f1e45439260

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:23 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ 		118 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=e45da59902584b8db2c4157c7e08ae55&p=*&uid=1d8107942ee9458c8bf5a5b7685e4ec5&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:baf7:3cd7:4992:8956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
e81c248b5ead146b62a1d4da26be147cf9873e714e74e66daa5bd113a0e0d2ba

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:23 GMT
content-encoding
gzip
access-control-allow-credentials
true
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
content-type
text/xml;charset=UTF-8
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
efd89a165c9ceb52602d464d7620d63e7bc46245d38be46b2454774522fe3646

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:33:23 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://slate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
OpportunityServlet
us-vid-events.taboola.com/ 		1 B
115 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://slate.com
date
Mon, 01 May 2023 00:33:23 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
PugMaster
image6.pubmatic.com/AdServer/ Frame BD2A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80592038&p=161864&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161864&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9503895e22357c19257c3e49315f13ad632731cec40ba455a01036cbe3962081

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 00:33:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 6EBB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ve8rzlPjfMpOvinLUeIyy1vrJ5FOui3OUumOn8nK
42 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ve8rzlPjfMpOvinLUeIyy1vrJ5FOui3OUumOn8nK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161864&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 01 May 2023 00:33:24 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ve8rzlPjfMpOvinLUeIyy1vrJ5FOui3OUumOn8nK
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
image2.pubmatic.com/AdServer/ Frame 2351
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_85fa64530a2144f3bcfe0
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_85fa64530a2144f3bcfe0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161864&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Mon, 01 May 2023 00:33:23 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_85fa64530a2144f3bcfe0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 831E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161864&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:33:24 GMT
expires
Mon, 01 May 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1375056
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 51DA
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
42 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161864&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 00:33:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 2F7A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:l8m68DHp1PThtK5&gdpr=0&gdpr_consent=
42 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:l8m68DHp1PThtK5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161864&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 01 May 2023 00:33:23 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:l8m68DHp1PThtK5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0c3ecb132b0acd40e@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 9D02
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=8d8acbfc-fd99-4032-8b5d-b099d354475f&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161864&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.122.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-122-89.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Mon, 01 May 2023 00:33:24 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 01 May 2023 00:33:24 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
362358.gif
idsync.rlcdn.com/ Frame BD2A
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIYDZwLzoGnsP95VVcZZZK8&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIYDZwLzoGnsP95VVcZZZK8&google_cver=1
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:24 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIYDZwLzoGnsP95VVcZZZK8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71/gdpr=0/ Frame BD2A
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71/gdpr=0/gdpr_consent=
  • https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71/gdpr=0/gdpr_consent=
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71/gdpr=0/gdpr_consent=
Protocol
H2
Server
18.204.65.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-65-232.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.235
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=0F1C5E77-729B-4F92-8E83-B7A886DE1C71/gdpr=0/gdpr_consent=
cache-control
no-cache
x-server
10.40.41.198
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame BD2A 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:24 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
/
bpi.rtactivate.com/tag/ Frame BD2A 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=0F1C5E77-729B-4F92-8E83-B7A886DE1C71&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.59.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-59-85.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:24 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame BD2A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1608ec07-25bd-4a37-83ed-b449872e489b&gdpr=0&gdpr_consent=
1 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1608ec07-25bd-4a37-83ed-b449872e489b&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:33:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1608ec07-25bd-4a37-83ed-b449872e489b&gdpr=0&gdpr_consent=
Date
Mon, 01 May 2023 00:33:24 GMT
Connection
keep-alive
X-CI-RTID
2e3e89fc-0b8c-4630-aa78-9c1e2a0fac33
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame BD2A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8575d492-c56d-409a-b6c5-70be7088449c-644f08d4-4341&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8575d492-c56d-409a-b6c5-70be7088449c-644f08d4-4341&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 01 May 2023 00:33:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:33:24 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8575d492-c56d-409a-b6c5-70be7088449c-644f08d4-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame BD2A 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.158.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-158-115.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:33:24 GMT
sn.ashx
pmp.mxptint.net/ Frame BD2A
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_101F69DA5_83B9BB9E&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-365905990; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Mon, 01 May 2023 00:33:24 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-365905990; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 01 May 2023 00:33:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 boolean| credentialless object| slateGlobal object| permutive object| googletag object| slatePermutiveData function| FontFaceObserver object| TARGETING_CATEGORIES object| slateCMP object| nonIabVendorApi object| OneTrustStub function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| OptanonWrapper object| slateAmplitudeQueue object| slateParsely object| pbjs number| sampling number| index_sampling object| tests boolean| isMobile function| loadAdLightning object| apstag object| _taboola string| selected object| dd function| fbq function| _fbq object| _comscore object| _qevents function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| mountLegacyServices function| tryToMount function| mountComponentModules object| modules function| require object| process object| DS object| Eventify object| regeneratorRuntime object| lazySizesConfig object| lazySizes object| pbjsChunk object| _pbjsGlobals object| criteo_q object| amplitude object| _slateCriteo object| tp function| OneSignal object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| __otccpaooLocation string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData function| quantserve function| __qc object| ezt object| _qoptions object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| apstagLOADED object| apscustom object| _aps function| ownKeys function| _objectSpread function| _defineProperty function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles boolean| _SLATE_PIANO_RESIZE_INITIALIZED object| Criteo object| COMSCORE object| ns_p boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| BlockAdBlock object| blockAdBlock boolean| creativeVendorLibraryLoaded function| clearImmediate function| setImmediate object| atsdetectionmodule object| atsenvelopemodule object| ats function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id undefined| google_measure_js_timing number| __oneSignalSdkLoadCount function| __jp0 function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| hi object| _pm_mcg object| Optanon object| OneTrust object| PublisherCommonId object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| cX function| cxCCE_callQueueExecute object| cxTest object| PARSELY function| gtag object| analyticsConnectorInstances object| ari object| google_tag_manager function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| amzn_assoc_ad object| blockedMarketPlacesJson object| blockedViewerCountriesJson function| amzn_assoc_jsonp_callback_adunit_0 function| amzn_assoc_client_cb_0 object| GooglebQhCsO object| PianoESPConfig undefined| cXJsonpCB1 string| nam object| placementData undefined| cXJsonpCB2 object| R4677w2 function| R4677w3 object| xop object| -jq6pzf4gtfk object| 1be34wg7mk8w number| lnt_z undefined| cXJsonpCB3 object| cmTag object| kAKSjQ function| kAKSjw object| xblacklist object| bzYRsc2 function| bzYRsc3 function| xblocker object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_130 object| Criteo_prebid_130 object| _cm_wfCounters string| lastWfUrl object| tbopt object| GoogleGcLKhOms function| webpackHotUpdate function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist string| vpaidId function| OvaMediaPlayer object| google_image_requests

252 Cookies

Domain/Path Name / Value
.taboola.com/slatecom/ Name: taboola_session_id
Value: v2_49c8409ea71d2a4c0b754867f499a77a_66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b_1682901195_1682901195_CNawjgYQrZlcGK-56aX9MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB
.3lift.com/sync Name: sync
Value: CgoIoQEQpOLppf0wCgoI4gEQpOLppf0wCgoI5gEQpOLppf0wCgoIhwIQpOLppf0wCgkICRCk4uml_TAKCQg6EKTi6aX9MAoJCAsQpOLppf0wCgoIjAIQpOLppf0wCgkIXxCk4uml_TAKCQgfEKTi6aX9MA==
slate.com/ Name: AB
Value: 4_0
slate.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.slate.com/ Name: _sharedid
Value: 987fb852-9756-46aa-b1aa-5ec3fd0e5201
.onesignal.com/ Name: __cf_bm
Value: Ye14yS2Efphpq7O6vmI1T_BNl5M1RCfH802M4PWc2kM-1682901195-0-Aahqco1qXGWsGr4ZKMVraKBL9w0+t1W7hAEjYOdtPQ0/l5yJtpevybX90H12UmnnCC1dnl2CCvnewP+yiFhNgIw=
slate.com/ Name: usprivacy
Value: 1---
.scorecardresearch.com/ Name: UID
Value: 1559d8214279fa5f615ebf21682901195
.quantserve.com/ Name: mc
Value: 644f08cb-e6c29-c8089-a2f12
.kargo.com/ Name: ktcid
Value: 4ba91a13-8d6c-082f-1b3c-fa131351ebba
.openx.net/ Name: i
Value: 987fb852-9756-46aa-b1aa-5ec3fd0e5201|1682901195
.adnxs.com/ Name: icu
Value: ChgIk-0yEAoYASABKAEwzJG8ogY4AUABSAEQzJG8ogYYAA..
.slate.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAmATgFYA7AAZew8dwBsAFi79J-EAF8gA
.slate.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lh43x5i8b1qqhapo%22%7D
.slate.com/ Name: __qca
Value: P0-800028457-1682901195752
.rubiconproject.com/ Name: khaos
Value: LH43X5G9-W-CF1I
slate.com/ Name: _lr_geo_location
Value: CA
slate.com/ Name: __adblocker
Value: false
.slate.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+May+01+2023+00%3A33%3A16+GMT%2B0000+(GMT)&version=202211.2.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fslate.com%2Ftechnology%2F2020%2F12%2Fsolarwinds-hack-malware-active-breach.html&groups=C0002%3A1%2CC0001%3A1%2CC0004%3A1%2CC0003%3A1%2Cgad%3A1
.adnxs.com/ Name: uuid2
Value: 1217742735073133822
id.tinypass.com/ Name: AWSELBCORS
Value: D54D83371CA73269B30D9CD8F7A2329AB776287862631963EA45639467593466FE96E1B9423EF7934622B4F8598E9CFC9DF99266E51597DB3A2D8DE4B17CF4D3F02DEE6322
.slate.com/ Name: __pid
Value: .slate.com
slate.com/ Name: __pnahc
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A75mBHBEtEEDj3OLAyuLPUU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.slate.com/ Name: _fbp
Value: fb.1.1682901196325.532608583
.slate.com/ Name: _gcl_au
Value: 1.1.223065443.1682901196
.slate.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://slate.com/technology/2020/12/solarwinds-hack-malware-active-breach.html%22%2C%22sref%22:%22%22%2C%22sts%22:1682901196387%2C%22slts%22:0}
.slate.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=8a1f8a8169b4b8497d6fd9bf0e4a9cdd%22%2C%22session_count%22:1%2C%22last_session_ts%22:1682901196387}
.slate.com/ Name: permutive-id
Value: 0fbc5f50-41d4-4212-87b7-0d26e0d452d3
.piano.io/ Name: __cf_bm
Value: NtSEqvm_wCHJ8fBWC9mEzDS9P457I7_eihzsSe.GplI-1682901196-0-ASwzCG9L4ymmFv8JyUeSKNPo0k96oL6C9TqEzrQHP2wxi2HEkNTX1h/ozwPZFVQUDDCYNLjJChZUWHc4gwZcgJc=
.slate.com/ Name: __tbc
Value: %7Bkpex%7DsIg4-F_FsXcXKfqfOShuJ5pFJReCzzglaeIZHHGha6Y5xDJ1KBMEvrL3S3bmLE25
.slate.com/ Name: __pat
Value: -14400000
.slate.com/ Name: __pvi
Value: eyJpZCI6InYtbGg0M3g1aWkyc2dmbDdkNyIsImRvbWFpbiI6Ii5zbGF0ZS5jb20iLCJ0aW1lIjoxNjgyOTAxMTk2NDg3fQ%3D%3D
.slate.com/ Name: xbc
Value: %7Bkpex%7DNJ3WjtWUygPrmedbNUOBVhR8iBXb_tdyMLdbR3cEtefCp0_jj4kJrUfsaKqV9q-MYOigs1ZvRRBsod-_6PentWwiDcTGrqhD9gy9WUy-RsjCsCwH9yZlaxYuGE4Iymhn2IlShEHfXFsy1jvXA7nGLermMoM1_JKjJF8chVRC9IJPxdZTGK-hpe4YqgouVc1h8oy79o-qYpLWbrTNF-MjPbq1ZkhtYH7klF5PIzGydrHJlUIgUlOrTsHM5mC-ZFkSPs4ojns7pKq9By4whoXbxgmInmH5YN6CAxx8Pv7egiAxzL-zWd6hh3k5mOvGdC6jJKPupxs47dh84MMsl7wpaCK2dDhRnHx3sYfKWwQaAdYCo7kv_r-G-iFjwIm8cUuDDXdbbz9x0IskG0g77zwz1D4j6qL_Wi0NIwCwbBRezf7XoRxDEAt-oSEgQWX2K-DO
.contextweb.com/ Name: V
Value: n5Rjf5W01gnn
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 455cd4cead735a6c
.slate.com/ Name: _parsely_tpa_blocked
Value: {%22tpab%22:false}
.gumgum.com/ Name: vst
Value: u_dd10adf0-fccf-44b8-bc31-c7295cd141ec
.16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co/ Name: pxid
Value: 2cb1c904-a642-44a1-9380-a018391ebdf8
.3lift.com/ Name: tluid
Value: 3260224274252108573155
.sharethrough.com/ Name: stx_user_id
Value: 12f48a0b-0054-49af-8fa5-c71116eb9cb1
.yahoo.com/ Name: A3
Value: d=AQABBMwIT2QCEDLVfQc6GOhs1g6ul30Z0akFEgEBAQFaUGRYZAAAAAAA_eMAAA&S=AQAAAmWCJSNsRuxHDRcpKn_9MTo
.smartadserver.com/ Name: pid
Value: 8433210686061420878
.adsrvr.org/ Name: TDID
Value: 2ceafc3a-8e26-4266-b01b-ef810856e5c7
.casalemedia.com/ Name: CMID
Value: ZE8IzFXUuxVLPNY5y8A8iAAA
.casalemedia.com/ Name: CMPS
Value: 172
.casalemedia.com/ Name: CMPRO
Value: 172
.lijit.com/ Name: ljt_reader
Value: GkehhPZHZHsGau6qT6if1y1n
.doubleclick.net/ Name: IDE
Value: AHWqTUnaNMZnM48MjofAgrvjc7U3R_EeRrBGfrw-FGiRm9DypUzfjJ1lRotEnXRhR1c
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjJSsjI0szAxNDQwtzTTUTIyRuObgflGliYmxiC%2BCZq8IYr%2BWgCJ0xAo
slate.com/ Name: slate-uuid
Value: 5cc60596-fc7d-4753-842e-fe2a718225c9
slate.com/ Name: slate-uuid-js
Value: 5cc60596-fc7d-4753-842e-fe2a718225c9
.presage.io/ Name: presage-ssp
Value: %7B%22uuid%22%3A%2267e2524c-7ab9-4b1c-b099-904da00ff08b%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZE8IzAAGrfCaLwAp
.bidswitch.net/ Name: tuuid
Value: 0917a668-00c7-4069-99d7-f5e021233ae9
.bidswitch.net/ Name: c
Value: 1682901196
.technoratimedia.com/ Name: tads_uidp_44
Value: LH43LMLB-28-57MV
.technoratimedia.com/ Name: tads_uidp_88
Value: 694731493061520576076
.technoratimedia.com/ Name: tads_uidp_77
Value: UQZ2Q6HZcRk7nq3bTYZk4bEnb0-uAzwa0SlIWJvu8lM
.technoratimedia.com/ Name: tads_uidp_45
Value: 46671F8B-D497-4BFD-88CF-23186B6CA4E0
.technoratimedia.com/ Name: tads_uidp_46
Value: 5364052513180930309
.technoratimedia.com/ Name: tads_uidp_79
Value: b793b3d9-5185-43ff-876b-209598df5c7e
.technoratimedia.com/ Name: tads_uidp_37
Value: e982d87b-1ada-328b-8637-db6bc271a79d
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e117163-0d23-47c1-ae76-05b5c3deed66
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAMERwIIi-wwANGMwmSAAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
.technoratimedia.com/ Name: tads_uidp_80
Value: y-UBsjuH9E2uGKTmtr6crdNjgLqPv3_c1D~A
.technoratimedia.com/ Name: tads_uidp_70
Value: 1673948501052-981480834937-007220-006-006384
.technoratimedia.com/ Name: tads_uidp_82
Value: ZE8GsntS6rVM0F29LL34HgAA&1339
.technoratimedia.com/ Name: tads_uidp_50
Value: 5851b4e0-d4d2-0606-2e6a-189aa5c5d968
.technoratimedia.com/ Name: tads_uidp_61
Value: 212153908003024
.technoratimedia.com/ Name: tads_uidp_62
Value: 3259006861455578000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: 1PkooRCNT_PX4qVqvtJxTTgf2L90aPuQ
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
.technoratimedia.com/ Name: tads_uid
Value: 5597529CCA40456999768DE69389154D
.technoratimedia.com/ Name: tads_uid_cd
Value: 20190828051959+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.outbrain.com/ Name: obuid
Value: 6f11efcd-d264-4b7e-90d2-d6e7e010e404
.zemanta.com/ Name: zuid
Value: HFec2YkIGWgZAP77xHbg
.deepintent.com/ Name: CDIUSER
Value: di_85fa64530a2144f3bcfe0
.mathtag.com/ Name: uuid
Value: 778b644f-08cd-4200-9c5c-da65e0d1f631
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-aee3e84a-9648-5082-7b18-bc1b6a6da401.e7h%2B%2BdmAV3hD3vVtN%2BTsLhU7i9544YURMkJXlybjRFY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AruPoSpZIUIJ7GLwbam2kAZU4mbs.OQRX4VcCym59xyafX4dXwu7w7l%2F4XbdkL9zRdjuVTJA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AruPoSpZIUIJ7GLwbam2kAZU4mbs.OQRX4VcCym59xyafX4dXwu7w7l%2F4XbdkL9zRdjuVTJA
.360yield.com/ Name: tuuid
Value: 52de0b4b-82e3-4a30-a0e6-78e647fb725d
.360yield.com/ Name: tuuid_lu
Value: 1682901196
.ipredictive.com/ Name: cu
Value: 1608ec07-25bd-4a37-83ed-b449872e489b|1682901196841
.admanmedia.com/ Name: admtr
Value: f0b70f73-cbb2-4720-91cd-e39926ff3dec
.admanmedia.com/ Name: ac_r
Value: CS71
.openx.net/ Name: univ_id
Value: 537072971|2ceafc3a-8e26-4266-b01b-ef810856e5c7|1682901196896456
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0F1C5E77-729B-4F92-8E83-B7A886DE1C71
.lijit.com/ Name: _ljtrtb_12
Value: 1217742735073133822
.eqads.com/ Name: EQUser
Value: UID=1fc3b8ec-2a9c-458c-95e1-e53b1ec79c28
.slate.com/ Name: __gads
Value: ID=32c67215ecdd490f:T=1682901196:S=ALNI_Mbgu1JIq7K-d0Yu--lozjBg-9At4A
.slate.com/ Name: __gpi
Value: UID=00000be6d5d06c31:T=1682901196:RT=1682901196:S=ALNI_Ma_8Dx8QTlKvrelhuvPZMtGBDnrNA
.bidswitch.net/ Name: tuuid_lu
Value: 1682901197
.simpli.fi/ Name: suid
Value: E221993AEBB24A2B8493EE00CA67D0D7
.tinypass.com/ Name: LANG
Value: en_US
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.taboola.com/ Name: t_gid
Value: 66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
.bluekai.com/ Name: bku
Value: ikG9916/EtuPldGQ
.lijit.com/ Name: _ljtrtb_43
Value: kDiH9pY00PKLaYXzlDWe8548i6mLbYH2lz7aycZs
.creativecdn.com/ Name: u
Value: RDgIAw7H5oEzuDq18Bgx
.creativecdn.com/ Name: ts
Value: 1682901197
slate.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
.lijit.com/ Name: _ljtrtb_2
Value: E221993AEBB24A2B8493EE00CA67D0D7
.csync.loopme.me/ Name: viewer_token
Value: 69a0fa36-3253-43ca-8d85-307195cd265f
.mediago.io/ Name: __mguid_
Value: 86d0265f255686f2b6858b82dd891b02
.tribalfusion.com/ Name: ANON_ID
Value: aonr6iq0I1f9yNy6Qw6XyjjnF5NU8SZd0JnhElDMsZafTkkWZb4hTWoiX0yvr4gqy1NbcNW7jVl
.sportradarserving.com/ Name: zuuid
Value: b396bfb6-8ff1-4e87-8bea-092305024ea2
.sportradarserving.com/ Name: c
Value: 1682901197
.sportradarserving.com/ Name: zuuid_lu
Value: 1682901197
.socdm.com/ Name: SOC
Value: ZE8IzcCo8X0AAIOrpPkAAAAA
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2C$Qs[.s[!]tbPl1MzM(ZqWiUa)ttQPls]Fuy3e[P<LGVWk9=OwMQ*On*M#Ow(7DN[`g%Q3l$G<QG=%9sk@3@'s>TGexS9
.nrich.ai/ Name: _nauid
Value: b288d4ed-1a7a-4989-9a3a-da6049374581
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjQ3MDA2NjQDYmMjM1NLY3MhPkNd89DiQMdIxyLjsAA_AOWTW_IkAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFkaWBoaGluYmQEAMg_zhYQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjQ3MDA2NjQDYmMjM1NLY3MhPkNd89DiQMdIxyLjsAA_AOWTW_IkAAAA
.tapad.com/ Name: TapAd_TS
Value: 1682901197430
.tapad.com/ Name: TapAd_DID
Value: a4b4a278-70a7-4dc9-98cf-67badbab2011
.slate.com/ Name: cX_P
Value: lh43x5i8b1qqhapo
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1682901197
match.sharethrough.com/ Name: AWSALBCORS
Value: A2XEmQy+ACzNT7xwC17PufXkfJrSqPmGuDgz4WsgBWVVzCt5jsx7uuB1VKCQMwqZg9Hyc+KZgOIGV1rFHJAZkGdwBIuMMvZ9miiMFpdUrbw1rcqIhwyZmZQc2Ve/
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-970033163313265937
.turn.com/ Name: uid
Value: 3339306244832130287
.cxense.com/ Name: gckp
Value: cx:5jeel6gn0jkr3rdv1itdfyeeh:1seiwgq1sd7iw
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEI-OaefEMiYUAeucR9Fo7S0&KRTB&22987-CAESEI-OaefEMiYUAeucR9Fo7S0&KRTB&23025-CAESEI-OaefEMiYUAeucR9Fo7S0&KRTB&23386-CAESEI-OaefEMiYUAeucR9Fo7S0
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:E221993AEBB24A2B8493EE00CA67D0D7
.thrtle.com/ Name: mc
Value: eyJpZCI6IjU4ZmJmOTNhLThjMTQtNDU4Yy1iNzQzLTk1YTM2YWViOGY1NSIsImwiOjE2ODI5MDExOTc1NjUsInQiOjF9
.linkedin.com/ Name: bcookie
Value: "v=2&bdf75763-39a9-431e-89bf-928ffb6984c1"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2895:u=1:x=1:i=1682901197:t=1682987597:v=2:sig=AQEDeher4ruwiyp1050hcEH5bnIz8XcA"
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3339306244832130287&KRTB&23150-3339306244832130287
.lijit.com/ Name: _ljtrtb_26
Value: 0917a668-00c7-4069-99d7-f5e021233ae9
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!2904
.slate.com/ Name: AMP_MKTG_5a7cb616c0
Value: JTdCJTdE
.slate.com/ Name: slatevisits
Value: 1
.slate.com/ Name: slatevisitsmon
Value: 1
.slate.com/ Name: cX_G
Value: cx%3A5jeel6gn0jkr3rdv1itdfyeeh%3A1seiwgq1sd7iw
.slate.com/ Name: AMP_5a7cb616c0
Value: JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMjQzZTM4MjM5LWU1YjUtNGY3Yy04N2NlLWVkYThkYTNkMjg4ZCUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjgyOTAxMTk3OTAxJTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY4MjkwMTE5NjIzMSU3RA==
.criteo.com/ Name: uid
Value: a96db30a-0d1f-4437-bc2e-f7734502baa1
.slate.com/ Name: cto_bundle
Value: fKzvfV9ublBoMExCJTJCR0xqd3FWVzBzTHBWcHVvbE45c215UHFHQUVKclo4VmZwNnR3bjUyR05IS05jazlRamgzV3NOSSUyQmN4VGtOaGZEYzRlWFV6SiUyQlhEMGs1Z2EzZWJ4M2JtcWFoV3JRdU45dENwcjZGSjRSTjZ0RWRPMVNQcjZoVEx0SW03eWNkTk52YzVHWTJyMlpSUXh6d0ElM0QlM0Q
slate.com/ Name: _lr_sampling_rate
Value: 100
.ads.stickyadstv.com/ Name: UID
Value: 561da2bcf86ab95f3de431e97b461c5f
.tremorhub.com/ Name: tvid
Value: 1d8107942ee9458c8bf5a5b7685e4ec5
.tremorhub.com/ Name: tvrg_60267
Value: 1,1682901199
.rubiconproject.com/ Name: audit
Value: 1|clb2f5t+FPqx671UofVeNu1WuCoMxA8a+JUixCbOKdpLfYM1RPAn/C4sx7Wa104r8o1wi1IgItnAUJ+gL7gixdMe1/XEAJMO+WbVps3Kg00JrHenJgWdLQ==
.lijit.com/ Name: ljtrtb
Value: eJwVyrEKwjAQgOF3yWzgcpfmcm6tCRTs4KZxizWFYgXByYrvbrr8y%2F99lUG1rzHMFpkaYDJEHlHt1HYiohGhNnYd2hY7b4ViBDi0jgME3pirDsRwds5rgJG1BSda5M56agqgQaJcpFpL1T7C3MsrAZyOQ06XdQnn4hvrZ%2FccbqnHZeX8Ga9v9fsD4BImvw%3D%3D
.lijit.com/ Name: _ljtrtb_42
Value: 66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b
.id5-sync.com/ Name: id5
Value: b72e9098-379f-72e8-a0c2-6960f29352ce#1682901196848#3
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-0917a668-00c7-4069-99d7-f5e021233ae9
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4836568124463724454
.mfadsrvr.com/ Name: tuuid
Value: e223b357-3f09-4481-9c10-8628c1a24a7c
.mfadsrvr.com/ Name: c
Value: 1682901199
.mfadsrvr.com/ Name: tuuid_lu
Value: 1682901199
.mfadsrvr.com/ Name: ssh
Value: !taboola,1682901199
.adscale.de/ Name: uu
Value: d78a25f59dfa4cba9cebcc624d038777
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.go.sonobi.com/ Name: __uis
Value: 5f481e3f-fe26-4643-95a4-3f53617d0aae
.go.sonobi.com/ Name: HAPLB8S
Value: s8754|ZE8I0
.adscale.de/ Name: cct
Value: 1682901199546
.adx.opera.com/ Name: UID
Value: OPUec42b12aa66d48308bb6d05365de8a93
.ads.stickyadstv.com/ Name: pxId
Value: 1425
.fwmrm.net/ Name: _uid
Value: "o0f8a_7228005612105001286"
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: o0f8a_7228005612105001286
.ads.stickyadstv.com/ Name: MRM_UID
Value: o0f8a_7228005612105001286
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEIhpzq4FKCz2LyHcyJCa8bU
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 2ceafc3a-8e26-4266-b01b-ef810856e5c7
.semasio.net/ Name: SEUNCY
Value: E3AD1B54C2BEBE75
.bidr.io/ Name: bito
Value: AAErwE7InhIAACEgpNW--w
.bidr.io/ Name: bitoIsSecure
Value: ok
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAErwE7InhIAACEgpNW--w
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-z00hXk9E2oNZfsQ5BXZA6dcBsb26dCynkxpQaa6r~A
.adgrx.com/ Name: ADGRX_UID
Value: c5daa5f8-e7b7-11ed-81c4-b1999ba94c6c
.adgrx.com/ Name: ADGRX_CM_FREEWHEEL_BRIDGED
Value: 1
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-22945
Value: c5daa5f8-e7b7-11ed-81c4-b1999ba94c6c
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-c5daa5f8-e7b7-11ed-81c4-b1999ba94c6c&KRTB&23275-c5daa5f8-e7b7-11ed-81c4-b1999ba94c6c
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:778b644f-08cd-4200-9c5c-da65e0d1f631&KRTB&16736-uid:778b644f-08cd-4200-9c5c-da65e0d1f631&KRTB&23019-uid:778b644f-08cd-4200-9c5c-da65e0d1f631&KRTB&23114-uid:778b644f-08cd-4200-9c5c-da65e0d1f631
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-2ceafc3a-8e26-4266-b01b-ef810856e5c7&KRTB&22918-2ceafc3a-8e26-4266-b01b-ef810856e5c7&KRTB&23031-2ceafc3a-8e26-4266-b01b-ef810856e5c7
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1217742735073133822&KRTB&23339-1217742735073133822
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAACUr_NLLknWANAesYhAAAAAAA&KRTB&22713-AAACUr_NLLknWANAesYhAAAAAAA&KRTB&22715-AAACUr_NLLknWANAesYhAAAAAAA
.bfmio.com/ Name: __187_cid
Value: 0F1C5E77-729B-4F92-8E83-B7A886DE1C71
.bfmio.com/ Name: __io_cid
Value: 898b7d0d235fd6cfb5acefec417c55fe313723a1
.ads.stickyadstv.com/ Name: uid-bp-20721
Value: c9ddfb3e-fb4d-4385-b470-78422aa2bf32
.adkernel.com/ Name: ADKUID
Value: A3499120087437666193
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1kbv|4is.0.CAESEME2wRl8BSoc7blc413ATI0|7TY.0|2N.0.AAACSpP2su2lggML40bCAAAAAAA|3oy.0|7bq.0.1|5Ql.0.66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b|7dN.0.AAErwE7InhIAACEgpNW--w
.id5-sync.com/ Name: 3pi
Value: 464#1682901199222#944095934#66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b|112#1682901200180#-307748236#E3AD1B54C2BEBE75|434#1682901199563#1210651961|2#1682901200295#1346573416#1217742735073133822|3#1682901199836#-432659591#778b644f-08cd-4200-9c5c-da65e0d1f631|264#1682901200431#-156344019#2ceafc3a-8e26-4266-b01b-ef810856e5c7|108#1682901199704#-111333431|429#1682901199343#-1173291122#0F1C5E77-729B-4F92-8E83-B7A886DE1C71
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.marketiq.com/ Name: ADK_EX_685
Value: 1
.marketiq.com/ Name: ADKUID
Value: A3499120087437666193
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: 1608ec07-25bd-4a37-83ed-b449872e489b
.smartadserver.com/ Name: csync
Value: 107:66b33777-50cb-4b4e-870f-7d547120d887-tuctb488e4b|127:AAErwE7InhIAACEgpNW--w
.w55c.net/ Name: wfivefivec
Value: l8m68DHp1PThtK5
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAErwE7InhIAACEgpNW--w
.w55c.net/ Name: matchfreewheel
Value: 5
slate.com/ Name: _lr_retry_request
Value: true
slate.com/ Name: _lr_env_src_ats
Value: false
.openx.net/ Name: pd
Value: v2|1682901196.5|vPvMgakWgy.iKbwhEgKg2
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIwMavhLb55DsQBRIbCgxzaGFyZXRocm91Z2gSCwj2m9uFtvnkOxAFEhYKB3J1Ymljb24SCwj8u7-JtvnkOxAFEhQKBXRhcGFkEgsI7raAjbb55DsQBRIXCghwdWJtYXRpYxILCKqWhKa2-eQ7EAUSEwoEa3J1eBILCIL8tc78xtk7EAUSFgoHc3Z4OXQ1MBILCJ7Y5q62-eQ7EAUYASABKAIyCwie0OnbzPnkOxAFOAFaB3N2eDl0NTBgAg..
.c.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 244A8CADE6B86BEB29039FA9E7836AAE
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2be0:18z8~2be0:18za~2be0:175w~2be0"
.dotomi.com/ Name: DotomiTest
Value: 26d2a8f156920564
.pippio.com/ Name: did
Value: r0fOF-_DrL9JlF5T
.pippio.com/ Name: didts
Value: 1682901201
.pippio.com/ Name: nnls
Value:
.krxd.net/ Name: _kuid_
Value: PhwIWlP_
.creative-serving.com/ Name: c
Value: 1682901201
.creative-serving.com/ Name: tuuid_lu
Value: 1682901201
.creative-serving.com/ Name: tuuid
Value: 475f171f-2d03-4c54-a528-a5f985cf9af9
.pippio.com/ Name: pxrc
Value: CNGRvKIGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: c52b774a-99e0-4ad1-87fd-2034661df0c9
.linksynergy.com/ Name: icts
Value: 2023-05-01T00:33:21Z
.tremorhub.com/ Name: tvv
Value: 2
.demdex.net/ Name: demdex
Value: 37864521770670025650919661857496106653
.dpm.demdex.net/ Name: dpm
Value: 37864521770670025650919661857496106653
.pubmatic.com/ Name: SPugT
Value: 1682901203
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 161864:4
.pubmatic.com/ Name: DPSync3
Value: 1683936000%3A257%7C1684108800%3A256_258_261_260_259_255%7C1684022400%3A263_201_262%7C1683417600%3A248%7C1683504000%3A253
.pubmatic.com/ Name: SyncRTB3
Value: 1684022400%3A46_220_13_21_22%7C1683763200%3A63%7C1683417600%3A2%7C1683504000%3A223_15%7C1684108800%3A104_55_48_240_54_3_250_166_8_178_5_7_71_231_249_165%7C1684195200%3A35
.quantserve.com/ Name: d
Value: EK4BEgHxKPijDejbEA
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220230501%22%7D
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_85fa64530a2144f3bcfe0
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Ve8rzlPjfMpOvinLUeIyy1vrJ5FOui3OUumOn8nK&KRTB&19420-Ve8rzlPjfMpOvinLUeIyy1vrJ5FOui3OUumOn8nK&KRTB&22979-Ve8rzlPjfMpOvinLUeIyy1vrJ5FOui3OUumOn8nK&KRTB&23462-Ve8rzlPjfMpOvinLUeIyy1vrJ5FOui3OUumOn8nK
.rlcdn.com/ Name: rlas3
Value: q2lwKtvRJ1e97q+niAhNRUpqrfrCpRB947mgFsVeoBw=
.rlcdn.com/ Name: pxrc
Value: CNGRvKIGEgUI6AcQABIFCOhHEAASBgi66gEQAxIGCLjrARAA
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:l8m68DHp1PThtK5&KRTB&23457-uid:l8m68DHp1PThtK5&KRTB&23421-uid:l8m68DHp1PThtK5
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-1608ec07-25bd-4a37-83ed-b449872e489b&KRTB&23011-1608ec07-25bd-4a37-83ed-b449872e489b&KRTB&23355-1608ec07-25bd-4a37-83ed-b449872e489b
.mxptint.net/ Name: mxpim
Value: R33646_101F69DA5_83B9BB9E.1.0000000000000000644F08D4
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-0F1C5E77-729B-4F92-8E83-B7A886DE1C71&KRTB&23413-0F1C5E77-729B-4F92-8E83-B7A886DE1C71&KRTB&23479-0F1C5E77-729B-4F92-8E83-B7A886DE1C71
.sitescout.com/ Name: ssi
Value: 8575d492-c56d-409a-b6c5-70be7088449c#1682901204425
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: b6ccd8dff7407d92416aa16c29300ee9
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33646_101F69DA5_83B9BB9E&KRTB&23092-R33646_101F69DA5_83B9BB9E
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-8d8acbfc-fd99-4032-8b5d-b099d354475f&KRTB&23340-8d8acbfc-fd99-4032-8b5d-b099d354475f
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4MjkwMTIwNDQ1NH0
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 57f6e1e3-729c-4bb9-be38-d4f306ba1953
beacon.lynx.cognitivlabs.com/ Name: ss
Value: y%2BwdS4sOmoVz2Q60u64N53fKBN3Gq0rW9I%2FgrWlc116KPXl3FwBtiMGzsJ6qDzfjKvdW1kTc1gHvUepc%2B4JD2g%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-8575d492-c56d-409a-b6c5-70be7088449c-644f08d4-4341&KRTB&23418-8575d492-c56d-409a-b6c5-70be7088449c-644f08d4-4341
.pubmatic.com/ Name: PugT
Value: 1682901203

21 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'legacy-image-formats'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker-selection'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'unoptimized-images'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'unsized-media'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, ch-device-memory, ch-downlink, ch-dpr, ch-ect, ch-prefers-color-scheme, ch-rtt, ch-ua, ch-ua-arch, ch-ua-bitness, ch-ua-full-version, ch-ua-mobile, ch-ua-model, ch-ua-platform, ch-ua-platform-version, ch-viewport-width, ch-width, clipboard-read, clipboard-write, cross-origin-isolated, display-capture, encrypted-media, fullscreen, geolocation, gyroscope, hid, idle-detection, magnetometer, microphone, midi, otp-credentials, picture-in-picture, publickey-credentials-get, screen-wake-lock, serial, usb, xr-spatial-tracking, gamepad. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13468
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co
194dc8bc3de6f7266f5cc8ec065a9c4f.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.ca
adservice.google.com
ap.lijit.com
api-v3.tinypass.com
api.cxense.com
api.permutive.com
api.rlcdn.com
api2.amplitude.com
ats-wrapper.privacymanager.io
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
buy.tinypass.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2.piano.io
casale-match.dotomi.com
cdn.adnxs.com
cdn.amplitude.com
cdn.cookielaw.org
cdn.cxense.com
cdn.indexww.com
cdn.onesignal.com
cdn.permutive.com
cdn.stickyadstv.com
cdn.taboola.com
cdn.tinypass.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
choices.trustarc.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
comcluster.cxense.com
compote.slate.com
connect.facebook.net
crb.kargo.com
creativecdn.com
cs.admanmedia.com
csync.loopme.me
d.adroll.com
dcdn.adnxs.com
direct.adsrvr.org
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
experience.tinypass.com
fastlane.rubiconproject.com
fls-na.amazon-adsystem.com
fpa-cdn.slate.com
fpa-events.slate.com
geo.privacymanager.io
geolocation.onetrust.com
gklfs-x8k98.ads.tremorhub.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.cxense.com
id.rlcdn.com
id.tinypass.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imprnjmp.taboola.com
js-sec.indexww.com
jzwjq.ads.tremorhub.com
krk.kargo.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
ms-cookie-sync.presage.io
mug.criteo.com
nym1-ib.adnxs.com
onesignal.com
onetag-sys.com
p.rfihub.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
partners.tremorhub.com
pippio.com
pips.taboola.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm-widget.taboola.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb2-useast.marketiq.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
shftr.adnxs.net
simage2.pubmatic.com
simage4.pubmatic.com
slate-d.openx.net
slate.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.adkernel.com
sync.bfmio.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
taboola-d.openx.net
tagan.adlightning.com
tags.rd.linksynergy.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-match.taboola.com
us-trc-events.taboola.com
us-u.openx.net
us-vid-events.taboola.com
us-wf.taboola.com
usermatch.krxd.net
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
widget.perfectmarket.com
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
x.bidswitch.net
z-na.amazon-adsystem.com
pm.w55c.net
104.127.172.242
104.18.11.47
104.18.25.185
104.19.150.54
104.36.115.111
104.72.156.219
107.178.254.65
107.21.144.28
108.138.106.43
108.139.29.12
108.139.29.93
124.146.215.42
141.226.224.48
141.226.230.50
141.95.33.111
143.204.151.99
145.40.89.32
151.101.129.44
151.101.130.133
151.101.193.108
151.101.194.133
151.101.2.49
151.101.65.108
151.101.65.44
172.217.165.130
173.231.178.83
174.137.133.32
174.137.133.49
18.164.115.48
18.164.116.28
18.164.124.50
18.204.65.232
18.233.122.89
184.73.158.115
185.167.164.37
185.184.8.90
192.40.39.223
198.148.27.139
199.187.193.177
199.187.193.179
199.187.193.197
199.250.161.129
199.38.167.130
20.127.253.7
207.198.113.86
209.54.180.72
209.54.182.161
216.200.232.253
23.54.68.197
23.57.131.233
23.92.190.68
2600:1400:9000::687e:7751
2600:141b:9000:49b::268b
2600:1f18:4e9:5a02:3829:a14e:8be6:e46f
2600:1f18:612b:4280:7c71:c298:8e44:b36d
2600:1f18:612b:4280:baf7:3cd7:4992:8956
2600:1f18:61c0:2205:db82:6d3d:b70e:446a
2600:9000:21dd:d800:6:44e3:f8c0:93a1
2602:803:c002:200::113
2603:c020:400d:3000:67b7:1059:7283:c690
2604:9e00:1:129::2:a01
2606:4700:3033::ac43:c63c
2606:4700:4400::ac40:9062
2606:4700::6810:f015
2606:4700::6811:180e
2606:4700::6811:b6b1
2606:4700::6811:b9b1
2606:4700::6812:18ad
2606:4700::6812:d73b
2606:4700::6813:bb61
2606:ae80:1471:13::730
2607:f8b0:4006:807::2002
2607:f8b0:4006:80d::2008
2607:f8b0:4006:80e::2002
2607:f8b0:4006:817::2004
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2003
2607:f8b0:4006:821::2001
2620:100:a001::18
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2620:1ec:c11::200
2a02:2638:3::3
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.121.62.79
3.217.59.85
3.225.186.40
3.225.70.135
3.229.9.249
34.102.163.6
34.107.254.252
34.111.113.62
34.120.155.137
34.170.123.2
34.200.65.202
34.200.84.78
34.202.144.192
34.225.9.104
34.226.224.89
34.230.139.137
34.236.196.225
34.98.67.3
35.165.93.196
35.168.31.100
35.169.95.213
35.173.167.165
35.190.60.146
35.207.24.140
35.208.249.213
35.211.178.172
35.211.233.246
35.214.153.92
35.241.9.51
35.244.159.8
35.71.131.137
35.71.139.29
38.91.45.7
38.98.69.175
44.208.104.156
50.57.31.206
51.222.39.186
51.68.39.188
52.205.167.202
52.210.233.165
52.3.14.118
52.5.155.111
52.54.34.85
52.85.61.61
52.94.223.37
52.94.233.131
54.192.161.188
54.200.52.185
54.230.163.71
54.230.243.220
54.86.165.56
54.87.127.173
63.251.28.234
63.251.86.49
64.202.112.127
64.202.112.63
68.67.153.38
68.67.160.24
68.67.179.153
68.67.181.211
69.166.1.12
69.173.151.100
74.119.119.139
74.119.119.150
8.28.7.81
8.28.7.83
8.28.7.84
8.43.72.97
80.77.87.163
82.145.213.8
86.109.7.56
99.84.37.28
027d1d3da3a1fc01a0c292b7f35c1db9368ce1623b97b0f76ca7b4add3b42df0
027e2f36b05f1dff9cf6dde6bd1b74f3239460a8a05660bbf7620e2cae2292a9
035cd0371913be44c2b6e952fbfec8463980d1af54d422177451e8955f9a9f4d
036f41fc81b2ad80abc81fde05b38cc453a5accc6f458a8d37805c880b2779de
03afc2cc26af862b24585d43a18f3357eac368350f50d83df5c4b9594ccb4156
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
04aad4af266d83216ac5e9c795a149c5817436c3c420e87960513986eb302692
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
053babc86b8929fa9c6908a4b38180f78b29cfd810417ea297a6009197501812
05c1d5d5b5c3df23e3f23cb86040e07dea601f5fd2fa576efc9af60a97cff1a9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f3b32bade6e2a55c3ddbed3867b8a9e43ed53191c2db5bc1dda1319a85cd58
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
0741af0f1c64e99083156b9d8899901a210d6735f1600efa156260135982e40a
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
09fb978479698afec8d4eb3f442039999bf88fd12f625bcb53bb3b94f62b2d34
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
0acd5dd80d37fe16b59740b1461ae202c1ff1427ca5cf988b788c6e91d1ab31e
0b55ac6dc6377ef1f39774d580465a17619972d2569ccf1be26c08984f72ed4f
0b65fc8cdeefc80c2ef2a7554342c397818c1733220868ee0fb702339f2348a0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8e2721b385b60704d6177e3bc711b9f1cd890eb1655371e64c1ea859fd2aea
1041c260e66342ac9dea8c05ac5b8a321c3a93373c2373203bfbc689bf400849
115f5d7641e853723d5e8e94ea54135addb3529d2c54615de395ed8a16155804
116972d702e6899477bc7568ab755f872e25c6a65ea4fdef9a03dc8a411d683b
11da00078a3b3a63fc2dbe4f8cbaa58eb6c94dc581a2f49f393e706cc41d9ec9
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
14bf9434ca9e306b181db22c6529a3535ba586f04f3308c099138c3ccb241fba
16dd31b13cf1025a6a5fea28c4dbbc0d44bf00c2ca337ebd03609f1e45439260
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
1a319c1a150edd5df7975516af1428ce8e760373073b0368670401193ed1b6a7
1c196451c2d1e12053237ff5ec394e6954f82ab58208e25cc068581554fc18fd
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1e8d857c74c9944446ff9e0891f27d886abd5ea32ed699a9d78e2ca5892798a1
203316af71b5e6266f6b921ce23ebf03baa8bcb293645da6b9c78718d6c6def7
209bacfbe693e651ad94cd2e9dd04f4e142b6fa27dcb6b2bda51ec2b403cc279
20b47b601e05657d9c479af46a86b2aee70a97cdc66c4e7bc496f40ddc9ba423
2105fb750d01ccfed1f95c02b46ad17a843b5fb731115c11becd4df59a797201
2201c7bb178e00deb9f87ea811c44c806762ff68339e7831eb684c2884eddc5d
23a57fb2db797b49419286598549444e33def964eddc7e913b7db274a7d634c7
23c26d8e75b895a0deb75d2a9b46009909443f15e4c8fbef235646d77ad6cf15
24635339cb9abbc0640e0b2a79343f188f468090f8a5c399d76d5b93ac934bfc
24a9b2c1e1dd0cf98c918d1c07fcd31e3e4eb2e95c634e26f4cb167051d9c460
253fb014bf2106601cbbaab9f49394703bdff2da00227172b2de2afd84c2247e
26722786cc2b7257efb9ed4b77e7c4f0cae058303ac58a67e74f191db592eda7
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
269ec9d3b42ae3cb5fda4d8c52ac39eabc84ea2aecf25746a609b86ed0125fd6
278da9f3a6fe2ff68372449893bb9b7f82cf3cea0bd935d410757c647624e5e7
28427b865849eb648cb94476e1bf4cfef7cdca6c52652226f9ee5aa7e2da5e01
285f1636a887d9d081ef020aff25389aa93e2906ba09e05257b19ed497b1abe6
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a0fac24642299cfd0a7e4b2b1be6919c9bfc46f87f4e1f9ca8faac4ed7c29f3
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2be66ecb040623badb53256cd586051b797155f97754bf2cc70361dfd129c3da
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e22bcb1209a70bdef71b0e3074e23d62a21b3e71cca7085f66d0d2775b90553
2ee370285bb332d4c9ca2d23feb450c817824e279b9327aeda0001d83641c12e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300ab299a65ea1cabc4552a41d104b49197bca453bed6de969b026242f569de1
32254ea32578643cb100d685e02d6c21b6998205797c03a569df93794c75c2a1
342b5873ed65ad4c834952ffaefcdb46248de37285fba62795210c025740d920
3617bdde2ed21270daf0b4284181826438dd80fc9d96eebe8e7acf3b1f31f627
36b5f8c84d43087b05ab36cf8bd0910e8c467cf2c7feabe588f1763fcca0c10e
3775b2253694eeaf0214b74d44e271c33bb635a547c1e2c95a48285bac8ed152
379d848b12a26d142930bfa85bc9e5bee22ae87a8ddc211a2f1fd5512cc2e353
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ad153145535384b64b055ab14a32c0078416de71e27b9097e0bb027a5b823a3
3cb301bb622df284ba538a529481caccefc8b7a5ec841a299b9ebf178c4a0d97
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb59b80fac02f84de6115b5fbda6bdc0855835195edb7083a0773c208ccb5a2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412930d5c0e70458a49866b0d7621325c81aa80e8674d25520c656f908268ff7
4267d38679fbbc2c22bf8ab16d0babd37ca8a4dcca73f2e1d73136f09e81ddf7
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43695acd4c098054a506d222e398fe54c97f1dced6b3c77a05dfbb36252e38c3
4393282941042ec06dc5cb8c8dca93bcbf115522193859d92fd6e417fc43e1a2
43cecb942dedd0e30e6cf86a69f8d7fbcec2b02c909fc6cab118f23c84d5d5c0
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44445b00b331449bc05b6b4d2eeae9b6a2a4642458c66ec510c6d10c7517f2a4
4494607ae7dec8176ebb910d1f0dabc268d69962c1e3e722013f4112c1b7d9d1
45dd69820a1f9f23fd5018bced71dda3a4ecb3125f7007ff77d4a6f98483b154
45f3c817c54ff5188b7b68a445fff441cef6f29d2b84993340b24449b225663e
4653a93e61f986f5268962ef27a8f47269df53df295dc12899874d85b36f7fcf
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46adccd2994c0bfa1be4fe4e892f00510a73cdd460e75fc181b3aee09c2846f2
46f39bfaf1e3b1be1588fb14c6dc8efe7e1d259d11fafb1f5c2b179bc0ba0fce
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bac96afb1ecbe424fdeae363cb0d021d72b0938ffdc1caa54b069392ea350e
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
48f86e0a0ffa401b8c24250b86ea9c5a8a159e92e1965d65da952245e8ca2ee8
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
49ad499167e6845d7df4d4b2d7ee428fd5d6291ec373e976086fb0b89e06fbbd
49dea5abbe9daa28bfab55a3ee386818f458e870f713e2146dc8ecbb3155a440
4a4af3034c25b117e02ba917715bd8f9198834e5e164a5582ca476ee2e1b1054
4a639d194df41fd91d6848c28aa50b5a4a4cc8cc80b3787bbdf3876670513bf7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4275bd9bf16786d48f0f32fd7cc3c98b6d3117f000daf79fddc28c6e9a8d1b
4cc94c5a3ea64cee8195c271bc8a9eb157dc5e130abc0102fa40090fd743fdb4
4ce23ce91aa21ae60b04b05e34f89f0156094711d57eac71902e02f772760c91
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2741534f1251ac4dc08239c115a3db3bb642af989433283458eecce58833b9
4ef1f9a8cb1a1a308a0fad50cfd8c37cad047b882a1f971bf15465ebcd5c004a
4f7a04c3013ba1f4f820d0edd71ffb4cbcdd372c619f5a66567a347359174727
50832693980e5c77ec736487ce344a40bee1e0e241cf9a4b756b8673bc346854
50b0d9b438df5bfef152c612bc43a1a0a16acd60a5fe0cc4e6ea2901cd11b62e
52983b3a229336f48187d711ecdf7cc7c45181c253a71ad9ac140c7248b6d9cf
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
544f48ad97ba5cfa37a99a08e15d826b521041ada1ef6f48404cd01a5164edb6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e345264cf7c7ad9d0da6cc39b7e909e2604ccbbf1f204001aceb8762873017
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5900c116c4f0e5a147c0946c0ed0790116b07cd0cae5f9a9732a017b251b5b35
59ae82f4dde9699fe0fb6d325347162a4f0aaf4e64d72d119bff94ab58e97d0f
5a297d9fefc4e4fb322951458651d04825ea4aa02602ad16ff8d6627e982bd7e
5af7f54e4682da1be1484f658f9b15a84537085a4081cef229704a6d8e4ceb71
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b
5c3bd0fe5fc0cb00d30e889d4df5c7fca893089ef3181e9de7a044e7f0882bb7
5e09abf7e8920c10c96766e7b2f3ed2e054435d6ce0d0aa15fcee5e0182bd0e9
5e1a28c18c7d39627b7b61e7511d3779580b17d616732d330017aed59fa5f783
5e43ce18d6bd66de1c0bd716378e6c3322b21a725f1c592444ed7bef66fe08dd
5efa0b0610403b14c18f336c0717b17ef23ab49093cec7db3daeb4c44ea8ea93
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
612a2c9d192156b4599b2668a0feef403dced746aa825a5b44ed416eb1baf0e1
618bd9f4ba12ae14543ab4bba76c19dc8d8e3eec340ced7a7861c91cec8762ef
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624123e08565d80f24b264535b2168c174c9d93e0862f0d11959dfe81d43bbb0
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
637fdd90d1fca2cbbb5eb815125ee51016a510da1ece572fec62867921fef8f1
646c747b3e5fe8d484efe45767d7752511bcd164b5b85796d565f8d46779daca
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
6570b1c2cbf3c298c9196fe9dfb39125e29e70ef7ab53d23d8d156ff8c2b8e14
6616496a4b1ddc301855b25aa43ec6cf0c7b1e0a8bf98d7a30dc517965589a3f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66ec8f675cdc10f8613cb0af8fd4535a03f83e19009af30d320bbe551d132e09
686308b8beff17f784bdd66aec9c886d13cbbef632ef153a4c34f43a873b41a0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b505e3b944af95571915802e44a7dd6e4f91667f50e0fb5446a734c6e4558b7
6bab99608ee93416fa40acc0a63aef0d608d7be5e16ae1164696b74451e497cf
6c2c4249e4dca202256e699a2d1cc04c34cebe6d411fbdccdc08d96168e4807d
6eafbd8ea845bbcf3187b65f3051f8a2c0526903e81ace13834af61e095344eb
6f7e54f450763464188c84e7f7606aa86f3351dd9c20e4a84d83d28b5a5b8228
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
720db81c641221066f5b4a272472cc8f87973ac298f7e25cc906bb15a8ce339b
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
751718bb402b4053f424abf4b3ca2d2d984e07cf8027b75c344272556e5f7a0a
7518cb7b94074613fa6602aa9be438d19a43ca54b16955cd315f6c4e8c11e60b
75ad345dd6ee228cfb334edf436cb138efeb1b9472015a84aefcedb976a52274
77f1049a76c92d1b45e0751002bf59f26635d00018946c64213a4c43a840bd1c
785d9bdda78657e72f1f088290ef28688dc0bdbec4e31afed39a047d0357197c
794008db76499ecb1406d0c4e1b721417674a0dde9e42e15e63c0cd5ad3e862a
7ce57162fb4eecd9b22dbf6d02cde9a1e35d666be4dca61f3a4f4abf92817c81
7d9009cf219818e7c961d780b09fb6af729abd0ddae49ee766fb7303db588fc2
7d912096104be646d8b7927d5612623fd13c9740a4bf800ccad14f427bf9f0b6
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
81844d3605df6da453231ef27f210bd7ce101daf4ee0da86abc7eb39af3feea0
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847299c4d2737a29128e8d2310ad3e9c1355045cb5e08507f7136b1274a4d0c4
84968f9a01c83a3e126aa40184b33a3c42561842018129d1230ec7e363d4c3d9
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85572a06db401e12d0f9c4278e97c03970baa11e046d4436ff5e0b1404506caa
85959941ab12a5f6a9debebbf56c7b1471d829a390444ee7ca96116afc7b8ff2
874a38db2093d33c9e3d66d840d339532b1cdff95b6bc84e2a08a6c0a885bc46
877e20b408a30402d439bf0c60191870e5c089be42e291bb202961cbdfa07b49
878908d6ce5642be724d76112af88672ab9559cf8b1e52a37faeac1acfd1e468
87b6d97581295439623b3a80e0d01eaa64c202df17afaf164df4ecc5f47a63bc
8833ed51f602a3421682dd811ae9d15a574ea9ebffde6055d6fd1ffcec016822
8862f2c85acbd05d6716dfe7883d09b378449b3878e92440a5d936f5a4765fdc
899fa99d27fbc39ac33df165cda6a683654647349ebf92b46b737ed00f3f5ca5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8ad1ce2c39949f193dfd3dc3e22040bb451519ca664a06b212705c23714fdb0d
8b56bb2da9fa7ad26d9382d9aa2fa372036ea327361d0e84d2b7c4c0ac65a4ba
8b631c7596aea9638d9e48e51512e68be65e04a0eccae85d39621610557c1a3f
8b91afa8893c00069ee92faeba0b68734a332d71f0945e0795f08acd6c4b984f
8e2ca51357c1963264828b8b8546b6a500a11f7a3b84204d2b35f4fc35ae3f4e
8f4a7f0dc50a72635a52e501e781b5b69b0a8850cc486bdec670433faa457fd0
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
904c6b0d37c3413174c977c57f79055c2fec5d75ae2f254703ea981ba11ed572
906b2a7baed50703db09de97bff4b6a0afda8a6b293c886f1385c0dc93073a16
90816272c28c1206d19bfa325b59453979c1dac41b9e527bb345106ef4dc8452
90d97a57757837b16b0bf9fac2df05311fbc09679aa7dcb2b7a5f6b3d118166e
9137eb947ab0366f4105310ad8ef766be8afbb853bb26fda86fd71ba251fc382
92c9de8a507a62cfb5e8122a5bc9dcdf17efe8adaa20d2b575886987bbfce4ed
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
94e4531e20329a770458f626eb9cbe307749c18dab3abb53ba98aacadedb2b2c
9503895e22357c19257c3e49315f13ad632731cec40ba455a01036cbe3962081
95965dc4751886d9d0d156bec22ae77de60b9fc411ba5667c87aa79b34ceb3dd
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
968ae6e9a4f35b44f9a66226f0c1eaafdb1a630cf673e7dffb552390f69815d5
98ae01a9a53a2c022ae813bfe508b425c6b91373e51a4f3705aaf58dde64448c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99b97fc965e8a02f3d64e974eedc64f7bb7124a65cf9a6823f9dfbc5d281694b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ae521c7a3f5395ebb518208a75ad1e32aef8e926d2a3849d6d19e057ac2dda4
9ce2706e0cf26572acc4adbceba6a52f2bfc5b3eb9c9f98cd736322ac3c112c7
9d029241e42d6aa494cfb6c41908f717c6106f63703691e1e4e491f2116eadef
9d9febbfb3aea663e94dcc5ec66cd35c1a8bda8af7bbf043fb34a5e316487a45
9e28fa9d82242b662e465442400ccf862cc3bbd8d3f948513a5ada603cde4332
9e3b17fdf611394823c64f9ccff0bd1963a0f5894a5940b1b28cc80f1eece06b
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9fca6200e6de89e0c392a3e843c61e3ee1c962eb130a39046c127a7bb5f6f882
a03af8bf7d64a1e87036649f39c57be7407e6854b2ad85760e30afd70bc5bb2e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06e078a61b4ba465d3a019a7009607bdf844861f1fbf837ed97ab9a14590338
a09608786d4875002eda7ef4adebe803f615405a65d60e4a1e53b34fb83fe6f1
a0a22c7150eb7a66c6e56dac306c17fc1c94295565013ab603e12520a363620d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11d62109f30ddb0d4b4f74e8b340ccc50a471ea1e5a888a5f17631c31cf9545
a14389d64bd945f23e5574f37991080b418fe21d22387bfa7d6846474f03f87e
a1f6e7d6305e9ec2b13f2e65ebb9d8d97a8ccc9cd74ba5f4e604f5aa83eea2f0
a2b83fe5bc8004d7c5b3bd9cb718cdc6d7603ea53bafb9dce3afe4b0bb9a53ad
a30c2660d5d677ca4bb908389052eaf7591c938ef3c0e1ecde7e3c62b7fb787b
a313013603ab035c0ce44c9ecc5f9bbf5e6f3e7850dca93464b1d44d3b0b0b31
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a571c0d8f7c25bd282e8d038c5c2c8cb13b094f9e0a756989e3764bba404ee1f
a5d975a69a5a3338e00ea9d3f40b59bb24ca768712cd2a32e48edcaa45bb5edf
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a7128527e7bb40dc1991ec7abb72edcdc0b2e380c6f2d5dcf0bad380392f3aa5
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a92295e29788ce06fa66f5cb8f42bd3235fe261d96da97f0f424028270eda944
a923940cf3226db34869a09aa235208db76b66fb10d8dd67585bb65a7f28bf13
ab3651b53a38a644db2190843af20d306d9c05796c5b57609bdf7c7e894aea83
ab8c54fc89b6a487d16cb1f1983ffc38dc364640851453c40b23eef00d3d703b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
af1385f27ad1af080a7075e6f788e4618f0e29d524d8d4e60f60011e4c5563ae
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b149251aaa2d8711bb9150256673db9baea54864153236e5dabac067c1fedb13
b1af11c32d42ff7931eb8ca57c539ed1f6c7da50a729c24c40b98bcba83d181b
b20b68186a8e5458fd25cc956d5417ea59c956a6a41f0649014789e3c99e14a6
b2ec15bc4c6ba4cc7770d2ab4f63e73c5b906784717dfe2fdd6481ebff71abf3
b305ec62d4bd57719fa55c07efab0ac818094546e75a51828ad9e0998d191663
b3523e4b6b33ae2aabb2f7dc70e3d95dd4ea3eb6cfdf70adec7b8dbae954e988
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b5006496f82b6cf11d09953c6ffdf70c3445826708454d034989d15ebb464038
b72ae9b2d98960315a7699e4af212e3d2893236c817cefa57db42bbdbc5477c5
b98dc726aa5bd1cc0dbcc56211e72cb5f87debe7e363fc1057479a4527b06462
ba08f4f31ee050189b7a5d8616864e25bac36c06ac5799550b79d96b569bf198
ba6b180d3a10a32e1a01408d0ee657312f70bf9cf82771d5e23f49caef342348
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb30f53f2ec33b0b0c17901ef503e51ff2f063d1ffb5352b183f84e67d58b803
bb4c8c05b0989e2551d3e187658bc9eb0808b56a4f38b097d50111cfe6fd51af
bc1e4c932273d9be469621a74dadc6e966ee370016d030a04e51c1a1ae208878
bc49f3c9b79c3f8a5bd6233ce3c49bf3126244a307e76e27fc50678e96a9ed46
bcefdad5d240571deded198671683a6c32bb01e4af970c73f28de13a6a48348a
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
be95fcfef8b782ee5f2f61a4adf5bb27d8139812d7640137e1f8f12d41a4073b
beafe9f247d9ea85944d59c897004957fd13dfdb0d381af62d39ab8c3edfe5da
bf7bf5bbd672e8902673cd254c55d5a64b899a32aef072e9f68de54eb74aac6b
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ade1eec15ce760812166a5df316f9349ef7a520cb938accf13c5b48185d4e1
c2b4700d49a18bb29aa7bdfebcb6df3ddc2bb7f672a5e128f5d2979722693b9d
c4276ce0d77fa79310e9b0bead88d8065c5ea2905ac6151d7b0ee11d31a7fe1c
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de
c9ce37708ca22858db9fb348eaa4d1806b5df5add2506ec14739d4448c9daad5
ca750ccef94a066a39f8975dee2c78755eed5f980a2a209d700aaa25564e290e
ca757707a9dbf3c55cd0c8ebaa996f5d39eaca509517b9ebb165ab99edd85d93
cbd42e1627e055ab2b8b4a08069144eb764c64815c5f5f3172883b53cdd235a5
cc429e4507860cb9568c00683cb49192b8b3e1b09106fcb3d054be45ad95465f
ce322cf07a9f9c5015882172091756275fe22341d834504314507f6732ec87e5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d20071714e15ece393fefac7bfbc44b45c8a96790b50b62715efc1aad3df244c
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d30554fad6d2131a1f86b6ccd7a314afbf47c19a2586248d101988c1a3c4fe1b
d30c1f95fda4d20f4bca32ed409faacc7d2f8dc719611ccdf480a41550f2b9db
d38d8666b7d0178eaa958e31a3ee0d6cf5576511b40e31a9896b9b432ca22488
d38f41d7be1af37db6f302d4d0fe35ab9ce0b6d515d9cfbbbdf3d05ff737bee8
d4069a55d26ae713f49eadc49069b29480bbf323628fb1358cf2d81a1d630afe
d42bb800a50ddbf348ff64fa765ef182f93e2f8b64d65fc6ed2f5f97d602e64d
d46ba5ea289156f6683267bfa1e60671ef1d4d0594da3110eb74fb18e4e7d65e
d4db3ea8047c07f945d0adca52aef8e3778acfbf02154fcbc2626928784d49e5
d606342f6fde4b71c5303165421e526b9b1b88d81db29a24d5837beb1fdfa4ae
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
dc123e1fdfe40c519213aed6431da35e0b5aa556e35dce4a4146417f02a335c3
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
de26b8f0af54bcd80d7db7f6a8413a75120ca0e76e67ee8a9b32eccb758aeffe
de691b6d025bc044a19093616a7098d20d1d5d040ae6f6ef5d08be747a1916bf
df2e70be4a8ed0fbd4fe130176c4f5348cdb30badc76e904a0748639f59966c9
e200a6c1a6abc62b91fa6dd0dccb47e05ea45cac5b49b8c5cbb21253a7726072
e2bfda219a19d909d47caf9641fc5cc6699a0a254a7042e2e8e6ea7d245911b1
e351a4def3c5e76899bac16564adac935392a33d627a7e478b8f83a09f0d5045
e3998231d75338acb163a0ffa198db479f280cdfdbbe580c1168e2a5fa927f06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8
e6ea7385c5e0f6b39167f61372c7c480d5467d0a5befbc3f88e04f8aa3e3a783
e78d23ae6e5e0f82394424866f999a7247b301cb7ccca0fe39ad303121be8061
e81c248b5ead146b62a1d4da26be147cf9873e714e74e66daa5bd113a0e0d2ba
e8669a1acfa0d29600deae96b3391fe688d2ad3113651843eb250ec5162e8ab1
eba09f29a0cdea4d1aeba54d4152732ab437c23c49ddce098e77a5fed7cb672d
eea2130de31fd6a2080e6687452de23cbd752c19f2c747a50dbe93f3cc6a0091
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef414ea1c1e9ce3cbfe2962bfa47fa5086d3461f5fd95c8831a6abfb6f36cdce
ef5a01844a9c32cef5fc5fde48c93aad4a06b2d21a231dd85f5a371767ff052b
efd89a165c9ceb52602d464d7620d63e7bc46245d38be46b2454774522fe3646
f0aee2549e7bfd48fd1ffee88ada8efd14b6cb5e074322682b285968326bddee
f0b2b6b0deadda455cabb0dbf7c7d087b8450d680cc5522e1500dbd994e46f48
f162d79e1ecca18e012cffb391e558ef6835d12a4619f05ccf99db0f216c49a1
f215bb5b4c626392e4accf2dc23286ca110d204e226bdb7c954f90b411d96db9
f31c0502eff8d0cda4913bfd36bd6400c29907c928ef7c75e8b9f70befc2549c
f39759cc5d69473b0915c80d9044bee2cb142445fa479d9356151d8d1de5c77e
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7201ffaf6b8cccb29d4471580f4847f2d92d1d0f93e38c9aa25db97f45b045e
f7f027606ba3a2e0919e17fc3ccfb13473ab1e46a06d59af079623aee865f38f
f835f4bfc0a9c90c2ffd9305538e414f97e68be51a6ae41cdef78d2af9788add
f9a14368257e7ae608b41966f9d8551e61390e593400e69013ea2e39ecd097a9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc4486bbdf8740307d3efd8f6740f37fbb1a63958981cfaf20b26f75a5c91865
fe892d168d8119035fc0fc6ec5a75445a53f95a7465bbe5cf65648a8c04c1d25
feddba2ded06c70a7e86adbbaf83077f84af14045443ec5cb9cd1a1d716c789a
ffdf38f399dcdb49abadf84acec2e27e025159b118b7b539c331031896886c97