URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Submission: On September 19 via api from CA — Scanned from CA

Summary

This website contacted 148 IPs in 7 countries across 120 domains to perform 487 HTTP transactions. The main IP is 2600:141b:13::17d7:8228, located in New York, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.al.com. The Cisco Umbrella rank of the primary domain is 60076.
TLS certificate: Issued by R3 on July 22nd 2022. Valid for: 3 months.
This is the only time www.al.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 2600:141b:13:... 20940 (AKAMAI-ASN1)
10 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:1901:0:8... 15169 (GOOGLE)
1 13.224.214.35 16509 (AMAZON-02)
2 2600:141b:500... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
4 35.71.130.31 16509 (AMAZON-02)
2 34.204.136.32 14618 (AMAZON-AES)
2 2606:4700:440... 13335 (CLOUDFLAR...)
10 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.78.168.242 16625 (AKAMAI-AS)
3 143.204.150.76 16509 (AMAZON-02)
5 108.138.128.46 16509 (AMAZON-02)
33 151.101.193.44 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 23.200.169.61 16625 (AKAMAI-AS)
18 13.224.214.76 16509 (AMAZON-02)
1 151.139.128.11 20446 (STACKPATH...)
19 104.76.105.242 16625 (AKAMAI-AS)
1 13.224.214.22 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.131.14 16509 (AMAZON-02)
1 104.76.105.144 16625 (AKAMAI-AS)
2 5 13.224.214.16 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 13.224.205.31 16509 (AMAZON-02)
1 99.84.174.182 16509 (AMAZON-02)
1 2600:9000:21e... 16509 (AMAZON-02)
1 99.86.224.95 16509 (AMAZON-02)
15 3.224.10.93 14618 (AMAZON-AES)
2 151.101.65.44 54113 (FASTLY)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 52.207.19.117 14618 (AMAZON-AES)
1 23.64.61.72 16625 (AKAMAI-AS)
2 52.3.43.165 14618 (AMAZON-AES)
2 35.170.24.35 14618 (AMAZON-AES)
1 18.164.101.60 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 23.78.200.97 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.224.214.46 16509 (AMAZON-02)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.102.194 13335 (CLOUDFLAR...)
1 5 52.23.59.39 14618 (AMAZON-AES)
2 52.46.141.85 16509 (AMAZON-02)
2 99.83.154.140 16509 (AMAZON-02)
1 35.190.59.101 15169 (GOOGLE)
1 2600:1400:d:1... 20940 (AKAMAI-ASN1)
1 23.192.21.246 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.226.16.121 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 34.107.148.139 15169 (GOOGLE)
2 104.18.18.126 13335 (CLOUDFLAR...)
1 52.44.243.126 14618 (AMAZON-AES)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 2602:803:c002... 26667 (RUBICONPR...)
1 52.205.167.202 14618 (AMAZON-AES)
2 9 209.54.182.161 16509 (AMAZON-02)
1 141.95.98.71 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
8 2a03:2880:f13... 32934 (FACEBOOK)
2 3 185.167.164.42 198622 (ADFORM)
3 5 8.28.7.81 62713 (AS-PUBMATIC)
1 2 18.233.202.251 14618 (AMAZON-AES)
2 2 34.150.170.96 396982 (GOOGLE-CL...)
1 1 52.55.204.85 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
13 14 52.223.40.198 16509 (AMAZON-02)
1 50.17.145.253 14618 (AMAZON-AES)
2 3 50.16.197.56 14618 (AMAZON-AES)
1 3.134.32.50 16509 (AMAZON-02)
2 34.197.122.29 14618 (AMAZON-AES)
1 1 69.169.86.38 29838 (AMC)
1 64.58.232.180 13649 (ASN-VINS)
3 10 104.18.19.126 13335 (CLOUDFLAR...)
1 34.111.234.236 15169 (GOOGLE)
3 10 34.98.64.218 15169 (GOOGLE)
2 2 54.160.175.117 14618 (AMAZON-AES)
6 10 8.43.72.98 26667 (RUBICONPR...)
1 104.244.42.131 13414 (TWITTER)
3 151.101.130.49 54113 (FASTLY)
12 18 142.250.176.194 15169 (GOOGLE)
1 4 35.190.60.146 15169 (GOOGLE)
2 4 104.76.100.229 16625 (AKAMAI-AS)
2 108.138.106.100 16509 (AMAZON-02)
5 5 68.67.179.87 29990 (ASN-APPNEX)
3 2607:f8b0:400... 15169 (GOOGLE)
8 11 162.19.138.116 16276 (OVH)
3 23.221.203.12 16625 (AKAMAI-AS)
2 15 141.226.224.48 200478 (TABOOLA-AS)
1 34.239.63.36 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.36.23.219 16509 (AMAZON-02)
1 34.102.146.192 15169 (GOOGLE)
1 2620:100:a001::4 19750 (AS-CRITEO)
1 18.189.125.221 16509 (AMAZON-02)
12 2607:f8b0:400... 15169 (GOOGLE)
1 4 2607:f8b0:400... 15169 (GOOGLE)
2 52.205.122.0 14618 (AMAZON-AES)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
5 5 216.200.232.249 30419 (MEDIAMATH...)
4 8.28.7.84 62713 (AS-PUBMATIC)
14 104.36.115.109 62713 (AS-PUBMATIC)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 34.120.135.53 396982 (GOOGLE-CL...)
1 23.67.198.169 16625 (AKAMAI-AS)
1 3 2620:100:a001::c 19750 (AS-CRITEO)
1 2607:f8b0:400... 15169 (GOOGLE)
9 151.101.66.133 54113 (FASTLY)
1 74.119.119.139 19750 (AS-CRITEO)
1 3 2600:1f18:4e9... 14618 (AMAZON-AES)
2 5 63.251.28.233 13789 (INTERNAP-...)
3 199.187.193.130 47043 (SMARTADSE...)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (STACKPATH...)
1 108.139.29.12 16509 (AMAZON-02)
2 13.225.214.57 16509 (AMAZON-02)
1 2 23.92.190.68 32475 (SINGLEHOP...)
1 198.148.27.140 19189 (PULSEPOINT)
1 199.187.193.192 47043 (SMARTADSE...)
1 44.209.207.157 14618 (AMAZON-AES)
1 2 74.119.119.150 19750 (AS-CRITEO)
1 1 69.166.1.12 27630 (AS-XFERNET)
2 2 107.178.246.49 15169 (GOOGLE)
2 3 50.57.31.206 19994 (RACKSPACE)
7 7 35.211.178.172 19527 (GOOGLE-2)
2 2 3.135.132.32 16509 (AMAZON-02)
3 3 35.207.24.140 15169 (GOOGLE)
1 2 35.71.139.29 16509 (AMAZON-02)
1 185.255.84.152 200271 (IGUANE-)
1 31.220.27.155 39572 (ADVANCEDH...)
1 82.145.213.8 39832 (NO-OPERA)
1 141.226.224.32 200478 (TABOOLA-AS)
2 3 34.215.0.93 16509 (AMAZON-02)
1 1 23.21.59.154 14618 (AMAZON-AES)
1 2 104.126.116.163 20940 (AKAMAI-ASN1)
1 1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2600:1901:0:8... 15169 (GOOGLE)
1 34.120.155.137 15169 (GOOGLE)
2 23.192.31.127 16625 (AKAMAI-AS)
8 104.77.8.25 16625 (AKAMAI-AS)
1 23.200.168.248 16625 (AKAMAI-AS)
3 3 54.146.152.111 14618 (AMAZON-AES)
1 1 141.148.45.191 31898 (ORACLE-BM...)
2 2 72.251.229.176 32475 (SINGLEHOP...)
1 2 38.91.45.7 398989 (DEEPINTENT)
3 3 141.94.171.213 16276 (OVH)
1 2 2606:4700:10:... ()
2 2 35.201.96.126 15169 (GOOGLE)
1 8.28.7.109 62713 (AS-PUBMATIC)
1 2 52.45.33.138 14618 (AMAZON-AES)
1 1 18.232.9.126 14618 (AMAZON-AES)
4 4 2606:ae80:147... 26762 (CNVR-US-EAST)
2 2 207.198.113.93 13768 (COGECO-PEER1)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 23.192.61.21 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.95.118.179 ()
1 4 23.64.60.24 16625 (AKAMAI-AS)
1 1 199.38.167.129 54312 (ROCKETFUEL)
1 1 107.22.152.193 14618 (AMAZON-AES)
2 2 52.4.169.124 14618 (AMAZON-AES)
2 2 64.74.236.95 22075 (AS-OUTBRAIN)
1 34.199.73.116 14618 (AMAZON-AES)
2 23.221.200.79 16625 (AKAMAI-AS)
1 2 2600:1f18:612... ()
46 2600:1f18:612... ()
487 148
Apex Domain
Subdomains
Transfer
49 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 996
trc.taboola.com — Cisco Umbrella Rank: 697
vidstat.taboola.com — Cisco Umbrella Rank: 2577
us-trc-events.taboola.com — Cisco Umbrella Rank: 5910
images.taboola.com — Cisco Umbrella Rank: 1779
imprnjmp.taboola.com — Cisco Umbrella Rank: 7167
us-match.taboola.com — Cisco Umbrella Rank: 7165
wf.taboola.com — Cisco Umbrella Rank: 2804
us-vid-events.taboola.com — Cisco Umbrella Rank: 6770
vidstatb.taboola.com — Cisco Umbrella Rank: 4775
sync.taboola.com — Cisco Umbrella Rank: 1037
sync-t1.taboola.com — Cisco Umbrella Rank: 1309
match.taboola.com — Cisco Umbrella Rank: 2758
pips.taboola.com — Cisco Umbrella Rank: 1549
cds.taboola.com — Cisco Umbrella Rank: 1446
us-wf.taboola.com
917 KB
48 tremorhub.com
gklfs-x8k98.ads.tremorhub.com
partners.tremorhub.com
37 KB
46 al.com
www.al.com — Cisco Umbrella Rank: 60076
w698.al.com — Cisco Umbrella Rank: 107349
ead.al.com — Cisco Umbrella Rank: 128879
realestate.al.com — Cisco Umbrella Rank: 435559
images-re.al.com — Cisco Umbrella Rank: 539806
report-re.al.com — Cisco Umbrella Rank: 453198
1 MB
31 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
206 KB
28 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
image6.pubmatic.com — Cisco Umbrella Rank: 648
ads.pubmatic.com — Cisco Umbrella Rank: 462
image4.pubmatic.com — Cisco Umbrella Rank: 835
image2.pubmatic.com — Cisco Umbrella Rank: 883
simage2.pubmatic.com — Cisco Umbrella Rank: 690
simage4.pubmatic.com — Cisco Umbrella Rank: 1191
aud.pubmatic.com — Cisco Umbrella Rank: 4381
37 KB
22 googlesyndication.com
06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
161 KB
20 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1273
privacy.crwdcntrl.net — Cisco Umbrella Rank: 22431
bcp.crwdcntrl.net — Cisco Umbrella Rank: 838
sync.crwdcntrl.net — Cisco Umbrella Rank: 725
id.crwdcntrl.net — Cisco Umbrella Rank: 1389
72 KB
19 moatads.com
z.moatads.com — Cisco Umbrella Rank: 403
px.moatads.com — Cisco Umbrella Rank: 467
97 KB
17 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3380
ads.rubiconproject.com — Cisco Umbrella Rank: 2679
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
token.rubiconproject.com — Cisco Umbrella Rank: 667
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3131
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
eus.rubiconproject.com — Cisco Umbrella Rank: 564
141 KB
16 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1428
match.adsrvr.org — Cisco Umbrella Rank: 342
insight.adsrvr.org — Cisco Umbrella Rank: 624
14 KB
15 media.net
prebid.media.net — Cisco Umbrella Rank: 1065
contextual.media.net — Cisco Umbrella Rank: 559
hbx.media.net — Cisco Umbrella Rank: 1441
cs.media.net — Cisco Umbrella Rank: 1318
c21lg-d.media.net — Cisco Umbrella Rank: 1716
37 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax-eu.amazon-adsystem.com
56 KB
13 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1122
id5-sync.com — Cisco Umbrella Rank: 463
43 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
10 KB
11 openx.net
u.openx.net — Cisco Umbrella Rank: 650
oajs.openx.net — Cisco Umbrella Rank: 3068
google-bidout-d.openx.net — Cisco Umbrella Rank: 2960
us-u.openx.net — Cisco Umbrella Rank: 396
taboola-d.openx.net — Cisco Umbrella Rank: 8484
2 KB
10 google.com
accounts.google.com — Cisco Umbrella Rank: 77
ampcid.google.com — Cisco Umbrella Rank: 2077
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
76 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 410
242 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
1 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
4 KB
7 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 752
cdn.stickyadstv.com — Cisco Umbrella Rank: 5433
146 KB
7 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1358
idsync.rlcdn.com — Cisco Umbrella Rank: 331
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3955
api.rlcdn.com — Cisco Umbrella Rank: 804
id.rlcdn.com — Cisco Umbrella Rank: 561
112 KB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3071
t.skimresources.com — Cisco Umbrella Rank: 3104
p.skimresources.com — Cisco Umbrella Rank: 4032
r.skimresources.com — Cisco Umbrella Rank: 2933
15 KB
6 advance.net
static.advance.net — Cisco Umbrella Rank: 31128
classimage.advance.net — Cisco Umbrella Rank: 155441
64 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
dis.criteo.com — Cisco Umbrella Rank: 688
8 KB
6 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1218
exchange.postrelease.com — Cisco Umbrella Rank: 5206
4 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
www.linkedin.com — Cisco Umbrella Rank: 623
px4.ads.linkedin.com — Cisco Umbrella Rank: 6198
4 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
2 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
3 KB
5 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 432
ib.adnxs.com — Cisco Umbrella Rank: 228
5 KB
5 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 1667
rp4.liadm.com — Cisco Umbrella Rank: 7652
i.liadm.com — Cisco Umbrella Rank: 604
i6.liadm.com — Cisco Umbrella Rank: 2194
idx.liadm.com — Cisco Umbrella Rank: 2735
2 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
4 KB
5 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 16674
collector2.sophi.io — Cisco Umbrella Rank: 23856
42 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2956
medianet-match.dotomi.com — Cisco Umbrella Rank: 7468
2 KB
4 akamaihd.net
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 1861
su4jtnlipz2kgyzivdeq-pyypxn-f014c1453-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 1857
eydvgaaamb4gojqacqnqaeyaabrsrkgj-pyypxn-9aab142cf-clienttons-s.akamaihd.net
1 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1396
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 649
5 KB
4 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 511
stags.bluekai.com
2 KB
4 doubleverify.com
pub.doubleverify.com — Cisco Umbrella Rank: 5890
vtrk.doubleverify.com — Cisco Umbrella Rank: 1474
18 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3161
1 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 488
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
3 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 911
1021 B
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1084
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
131 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
321 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 513
usermatch.krxd.net — Cisco Umbrella Rank: 1103
570 B
3 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1198
loada.exelator.com — Cisco Umbrella Rank: 23045
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
1 KB
3 google.ca
ampcid.google.ca — Cisco Umbrella Rank: 87375
adservice.google.ca — Cisco Umbrella Rank: 13421
1 KB
3 associates-amazon.com
z-na.associates-amazon.com — Cisco Umbrella Rank: 7038
assoc-na.associates-amazon.com — Cisco Umbrella Rank: 3574
4 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
196 KB
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7423
cdn.tinypass.com — Cisco Umbrella Rank: 5533
buy.tinypass.com — Cisco Umbrella Rank: 4532
95 KB
3 satisfycork.com
satisfycork.com — Cisco Umbrella Rank: 26569
28 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
1 KB
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 3449
1 KB
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 973
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 593
946 B
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3868
624 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
828 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 860
538 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1407
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
cdn.indexww.com — Cisco Umbrella Rank: 1381
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 407
739 B
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 15083
691 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
581 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 877
1 KB
2 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6344
890 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 734
717 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
864 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1305
775 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2703
497 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 492
468 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2822
p1.parsely.com — Cisco Umbrella Rank: 2187
21 KB
2 blueconic.net
advancelocal.blueconic.net — Cisco Umbrella Rank: 25050
2 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3573
34 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1270
at.teads.tv — Cisco Umbrella Rank: 4237
4 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
704 B
2 arc.pub
targeting.perso.aws.arc.pub — Cisco Umbrella Rank: 31248
342 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
188 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1280
c.go-mpulse.net — Cisco Umbrella Rank: 599
51 KB
1 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 6564
229 B
1 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
794 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
669 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
360 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 919
554 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1190
787 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 9115
293 B
1 akstat.io
68794905.akstat.io — Cisco Umbrella Rank: 12526
199 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2930
463 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 4096
46 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1057
342 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1018
765 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1308
120 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 524
729 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
63 KB
1 6sc.co
t.6sc.co — Cisco Umbrella Rank: 7799
774 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
518 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4108
391 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3290
5 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3109
8 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3489
904 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 4225
2 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 538
354 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1652
403 B
1 mookie1.com
ib.mookie1.com — Cisco Umbrella Rank: 2340
992 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1965
512 B
1 sharethis.com
sync.sharethis.com — Cisco Umbrella Rank: 3157
549 B
1 jivox.com
sync.jivox.com — Cisco Umbrella Rank: 2749
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1406
324 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1400
596 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1360
17 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2700
44 KB
1 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 5430
28 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 769
3 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3145
137 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 575
467 B
487 120
Domain Requested by
46 partners.tremorhub.com vidstat.taboola.com
24 www.al.com www.al.com
18 cm.g.doubleclick.net 12 redirects bcp.crwdcntrl.net
google-bidout-d.openx.net
www.al.com
18 w698.al.com www.al.com
w698.al.com
15 px.moatads.com www.al.com
13 match.adsrvr.org 13 redirects
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.al.com
06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
tpc.googlesyndication.com
11 id5-sync.com 8 redirects cdn.id5-sync.com
micro.rubiconproject.com
10 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
www.al.com
10 securepubads.g.doubleclick.net www.al.com
securepubads.g.doubleclick.net
www.googletagservices.com
06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
10 cdn.cookielaw.org www.al.com
cdn.cookielaw.org
9 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ads.pubmatic.com
www.al.com
ssum-sec.casalemedia.com
8 contextual.media.net micro.rubiconproject.com
contextual.media.net
8 simage2.pubmatic.com www.al.com
ads.pubmatic.com
8 sync.crwdcntrl.net bcp.crwdcntrl.net
8 www.facebook.com www.al.com
bcp.crwdcntrl.net
7 x.bidswitch.net 7 redirects
7 pagead2.googlesyndication.com tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
7 cdn.taboola.com www.al.com
cdn.taboola.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 image2.pubmatic.com www.al.com
ads.pubmatic.com
6 images.taboola.com www.al.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.al.com
5 pixel.rubiconproject.com 2 redirects
5 ads.stickyadstv.com 2 redirects vidstat.taboola.com
www.al.com
cdn.stickyadstv.com
5 static.advance.net realestate.al.com
static.advance.net
5 sync.mathtag.com 5 redirects
5 token.rubiconproject.com 4 redirects bcp.crwdcntrl.net
5 image6.pubmatic.com 3 redirects ads.pubmatic.com
5 trc.taboola.com cdn.taboola.com
www.al.com
5 jadserve.postrelease.com 1 redirects s.ntv.io
www.al.com
5 bcp.crwdcntrl.net tags.crwdcntrl.net
bcp.crwdcntrl.net
5 sb.scorecardresearch.com 2 redirects www.al.com
5 tags.crwdcntrl.net www.al.com
tags.crwdcntrl.net
securepubads.g.doubleclick.net
4 sync.taboola.com 2 redirects www.al.com
4 www.google.com 1 redirects securepubads.g.doubleclick.net
06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 ib.adnxs.com 4 redirects
4 u.openx.net 3 redirects www.al.com
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 px.ads.linkedin.com 3 redirects
4 z.moatads.com www.al.com
z.moatads.com
securepubads.g.doubleclick.net
06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
4 collector2.sophi.io cdn.sophi.io
3 cs.media.net 1 redirects contextual.media.net
3 pixel.onaudience.com 3 redirects
3 match.prod.bidr.io 3 redirects
3 dpm.demdex.net 2 redirects js.adsrvr.org
3 rtb.mfadsrvr.com 3 redirects
3 uipglob.semasio.net 2 redirects
3 sync-t1.taboola.com www.al.com
3 taboola-d.openx.net vidstat.taboola.com
3 prg.smartadserver.com vidstat.taboola.com
3 pr-bh.ybp.yahoo.com 1 redirects google-bidout-d.openx.net
3 gum.criteo.com 1 redirects static.criteo.net
contextual.media.net
3 us-vid-events.taboola.com www.al.com
vidstat.taboola.com
3 www.googletagservices.com securepubads.g.doubleclick.net
06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
3 ads.pubmatic.com s.amazon-adsystem.com
www.al.com
micro.rubiconproject.com
3 tags.bluekai.com 1 redirects bcp.crwdcntrl.net
js.adsrvr.org
3 idsync.rlcdn.com 1 redirects bcp.crwdcntrl.net
www.al.com
3 sync-tm.everesttech.net bcp.crwdcntrl.net
ads.pubmatic.com
google-bidout-d.openx.net
3 c1.adform.net 2 redirects ads.pubmatic.com
3 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 t.skimresources.com www.al.com
s.skimresources.com
3 connect.facebook.net www.al.com
connect.facebook.net
3 accounts.google.com www.al.com
accounts.google.com
3 c.amazon-adsystem.com www.al.com
c.amazon-adsystem.com
3 satisfycork.com www.al.com
satisfycork.com
2 gklfs-x8k98.ads.tremorhub.com 1 redirects
2 us-wf.taboola.com vidstat.taboola.com
2 c21lg-d.media.net contextual.media.net
2 b1sync.zemanta.com 2 redirects
2 t.pswec.com 2 redirects
2 medianet-match.dotomi.com 2 redirects
2 px.owneriq.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 ups.analytics.yahoo.com 1 redirects contextual.media.net
2 visitor.fiftyt.com 2 redirects
2 loada.exelator.com 2 redirects
2 match.deepintent.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 simage4.pubmatic.com ads.pubmatic.com
2 eb2.3lift.com 1 redirects www.al.com
2 sync-dmp.mobtrakk.com 2 redirects
2 pixel.tapad.com 2 redirects
2 dis.criteo.com 1 redirects contextual.media.net
2 ce.lijit.com 1 redirects www.al.com
2 trx-hub.com www.al.com
2 cdn.stickyadstv.com vidstat.taboola.com
cdn.stickyadstv.com
2 us-u.openx.net google-bidout-d.openx.net
2 googleads.g.doubleclick.net 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
2 image4.pubmatic.com www.al.com
2 pippio.com 2 redirects
2 us-match.taboola.com vidstat.taboola.com
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 aa.agkn.com bcp.crwdcntrl.net
2 sync.srv.stackadapt.com 2 redirects
2 beacon.krxd.net bcp.crwdcntrl.net
js.adsrvr.org
2 um.simpli.fi 2 redirects
2 thrtle.com 1 redirects bcp.crwdcntrl.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.ca securepubads.g.doubleclick.net
2 api.sail-personalize.com ak.sail-horizon.com
2 assoc-na.associates-amazon.com z-na.associates-amazon.com
2 p.adsymptotic.com 1 redirects www.al.com
2 cdn.id5-sync.com www.al.com
securepubads.g.doubleclick.net
2 p.skimresources.com www.al.com
2 advancelocal.blueconic.net w698.al.com
2 vtrk.doubleverify.com pub.doubleverify.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 js.adsrvr.org www.googletagmanager.com
insight.adsrvr.org
2 pub.doubleverify.com www.al.com
pub.doubleverify.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 targeting.perso.aws.arc.pub www.al.com
2 www.googletagmanager.com www.al.com
www.googletagmanager.com
1 id.rlcdn.com contextual.media.net
1 dmp.adblade.com contextual.media.net
1 stags.bluekai.com 1 redirects
1 pm.w55c.net 1 redirects
1 p.rfihub.com 1 redirects
1 hbx.media.net contextual.media.net
1 aax-eu.amazon-adsystem.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 csync.loopme.me 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 sync.ipredictive.com 1 redirects
1 aud.pubmatic.com
1 mwzeom.zeotap.com
1 spl.zeotap.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 js-sec.indexww.com micro.rubiconproject.com
1 api.rlcdn.com micro.rubiconproject.com
1 id.crwdcntrl.net micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 68794905.akstat.io s.go-mpulse.net
1 eydvgaaamb4gojqacqnqaeyaabrsrkgj-pyypxn-9aab142cf-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 su4jtnlipz2kgyzivdeq-pyypxn-f014c1453-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 usermatch.krxd.net 1 redirects
1 insight.adsrvr.org js.adsrvr.org
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 t.adx.opera.com www.al.com
1 s.uuidksinc.net www.al.com
1 visitor.omnitagjs.com www.al.com
1 match.taboola.com www.al.com
1 sync.go.sonobi.com 1 redirects
1 e1.emxdgt.com www.al.com
1 rtb-csync.smartadserver.com www.al.com
1 bh.contextweb.com www.al.com
1 check.analytics.rlcdn.com micro.rubiconproject.com
1 classimage.advance.net 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
1 report-re.al.com realestate.al.com
1 images-re.al.com realestate.al.com
1 vidstatb.taboola.com www.al.com
1 mug.criteo.com www.al.com
1 realestate.al.com 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 s0.2mdn.net tpc.googlesyndication.com
1 t.6sc.co www.al.com
1 oajs.openx.net oa.openxcdn.net
1 ad.turn.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 wf.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 c2.piano.io cdn.tinypass.com
1 idx.liadm.com micro.rubiconproject.com
1 us-trc-events.taboola.com www.al.com
1 secure.adnxs.com 1 redirects
1 analytics.twitter.com bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 sync.sharethis.com bcp.crwdcntrl.net
1 loadus.exelator.com bcp.crwdcntrl.net
1 sync.jivox.com bcp.crwdcntrl.net
1 i6.liadm.com bcp.crwdcntrl.net
1 i.liadm.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 p1.parsely.com www.al.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 exchange.postrelease.com micro.rubiconproject.com
1 htlb.casalemedia.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 buy.tinypass.com cdn.tinypass.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 ampcid.google.ca www.google-analytics.com
1 ead.al.com www.al.com
1 c.go-mpulse.net s.go-mpulse.net
1 r.skimresources.com s.skimresources.com
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 geo.privacymanager.io ats.rlcdn.com
1 secure.cdn.fastclick.net www.al.com
1 ampcid.google.com www.google-analytics.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 at.teads.tv a.teads.tv
1 cdn.tinypass.com experience.tinypass.com
1 rp4.liadm.com www.al.com
1 rp.liadm.com 1 redirects
1 ads.rubiconproject.com micro.rubiconproject.com
1 privacy.crwdcntrl.net tags.crwdcntrl.net
1 ak.sail-horizon.com www.googletagmanager.com
1 cdn-magiclinks.trackonomics.net www.al.com
1 z-na.associates-amazon.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 s.ntv.io www.al.com
1 d1z2jf7jlzjs58.cloudfront.net www.al.com
1 experience.tinypass.com www.al.com
1 ats.rlcdn.com www.al.com
1 s.skimresources.com www.googletagmanager.com
1 a.teads.tv www.googletagmanager.com
1 static.adsafeprotected.com satisfycork.com
1 micro.rubiconproject.com www.al.com
1 s.go-mpulse.net www.al.com
1 cdn.sophi.io www.al.com
487 223
Subject Issuer Validity Valid
advancelocal2.web.arc-cdn.net
R3
2022-07-22 -
2022-10-20
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
satisfycork.com
R3
2022-08-28 -
2022-11-26
3 months crt.sh
cdn.sophi.io
Amazon
2021-11-18 -
2022-12-16
a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-15 -
2023-04-19
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.sophi.io
Amazon
2022-05-11 -
2023-06-09
a year crt.sh
*.perso.aws.arc.pub
Amazon
2022-02-07 -
2023-03-07
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-01-12 -
2023-01-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-04-08 -
2023-04-08
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-17 -
2023-04-04
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
accounts.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
static.adsafeprotected.com
Amazon
2022-08-06 -
2023-09-04
a year crt.sh
teads.tv
R3
2022-08-17 -
2022-11-15
3 months crt.sh
h299.reckon.news
Amazon
2022-07-01 -
2023-07-30
a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA
2021-09-27 -
2022-10-28
a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-11-27 -
2022-11-29
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA
2021-12-04 -
2022-12-06
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-06-29 -
2022-09-27
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
assoc-na.associates-amazon.com
Amazon
2022-06-18 -
2023-06-17
a year crt.sh
*.trackonomics.net
Go Daddy Secure Certificate Authority - G2
2021-12-22 -
2023-01-23
a year crt.sh
ak.sail-horizon.com
Amazon
2022-01-06 -
2023-02-02
a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-12-24 -
2023-01-25
a year crt.sh
*.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
vtrk.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2021-12-03 -
2023-01-04
a year crt.sh
*.blueconic.net
Amazon
2022-07-08 -
2023-08-06
a year crt.sh
*.parsely.com
Amazon
2022-06-05 -
2023-07-04
a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA
2022-01-15 -
2023-01-17
a year crt.sh
*.privacymanager.io
Amazon
2022-08-26 -
2023-09-24
a year crt.sh
*.postrelease.com
Amazon
2021-12-28 -
2023-01-25
a year crt.sh
api.sail-personalize.com
Amazon
2022-05-25 -
2023-06-23
a year crt.sh
li.lisecurelink.com
R3
2022-07-13 -
2022-10-11
3 months crt.sh
*.google.ca
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
*.eu-1-id5-sync.com
R3
2022-08-18 -
2022-11-16
3 months crt.sh
*.jivox.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-13 -
2023-06-13
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-10
a year crt.sh
sharethis.com
Amazon
2022-06-21 -
2023-07-20
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh
ml314.com
GTS CA 1D4
2022-08-20 -
2022-11-18
3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-22 -
2023-02-22
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-02-03 -
2023-03-07
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-09-06 -
2023-09-21
a year crt.sh
*.id5-sync.com
R3
2022-08-18 -
2022-11-16
3 months crt.sh
*.liadm.com
Amazon
2021-10-31 -
2022-11-28
a year crt.sh
piano.io
Cloudflare Inc ECC CA-3
2022-04-27 -
2023-04-26
a year crt.sh
id.sharedid.org
Amazon
2021-12-09 -
2023-01-06
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2022-08-09 -
2022-11-07
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-01 -
2022-11-30
3 months crt.sh
*.uidapi.com
Amazon
2022-02-10 -
2023-03-11
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.6sc.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-08 -
2023-03-11
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-27 -
2022-11-22
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
advancelocal.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-04-25 -
2023-05-27
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-19 -
2023-05-19
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-12 -
2023-02-12
a year crt.sh
analytics.rlcdn.com
Amazon
2022-07-27 -
2023-08-25
a year crt.sh
*.trx-hub.com
Amazon
2022-02-20 -
2023-03-21
a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-07 -
2023-05-08
a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2022-05-18 -
2023-06-19
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-21 -
2023-07-21
a year crt.sh
uuidksinc.net
R3
2022-07-18 -
2022-10-16
3 months crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-18
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
lexicon.33across.com
GTS CA 1D4
2022-08-27 -
2022-11-25
3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020
2021-12-06 -
2023-01-07
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
dmp.adblade.com
R3
2022-09-02 -
2022-12-01
3 months crt.sh
*.tremorhub.com
Amazon
2022-03-24 -
2023-04-22
a year crt.sh

This page contains 43 frames:

Primary Page: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Frame ID: 77C0204CEA6EF28A5C11341E4CFE1647
Requests: 291 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=958
Frame ID: 6077CB3F3EF58C73BDA2C9D118D3CC1E
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.8658987637149114
Frame ID: 991701C20C0DCA8040D016584A5B1ED3
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 62041FE698FD0C02C27E100E7C0F57B0
Requests: 1 HTTP requests in this frame

Frame: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B56EB539943BCB2802F44C31EDD65B11
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Frame ID: DDD3E198D164876283B7F4844951B79A
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Frame ID: 3ACCECDBFB4ED96B0EAC339BD9094870
Requests: 27 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: D6FA606B45CDFEB074E7F04C194E50C1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=2310414087477230896&ex=appnexus.com
Frame ID: DDE5F1BDE72D4F0DE8B210727D1A48AC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 9A0820D0055FD620275E55185CEC0BF7
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D91C3866AE0E717CB625C47778525EAF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1285ECFB74399CAC6D1D86B11416ADDE
Requests: 1 HTTP requests in this frame

Frame: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9C61B15DE3AB47177BC68C8C9148FB04
Requests: 10 HTTP requests in this frame

Frame: https://z.moatads.com/advancedigitaldfp80721595993/moatad.js
Frame ID: 894C1C0B4B9AAD5C2F1C9F7FB349C2DF
Requests: 9 HTTP requests in this frame

Frame: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A2AC4445F40D1AFDDE4F442F77A8777
Requests: 16 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rYkCFgODgj-liuch-gSDgj-liuch-gUAAAAGBscHJLYyzWaG5cStGQwma9FssFsrR57dWjGcGUbDzWS4MWyMQGIr02xmWE7cmsFgshbNBru1cuTZrRXDmWE03EyGG8PGCiTS9BlNB0nDaTYInRfL02QQFV1vi93hNHsOaoGsaXL53TCGptPhc93rdb_fXWG2a_xuv9zl-_wlg8lkL1juNS_L0-_6vEUO08MtsbwcHqNbYXqrLi7LW3P4m85On9H0eQsdHq_L8tb8PU6H2S1yeVyG09NvtwtNb7MdAAAAAB7-____IQAAAAAiAAAAACQAAAAAKAIq_i0ELgAAAAAw_v___zUATDYEokMOhPbbTZeXw-wPAAAAABAAAAAAEgCB9KYSgA_Vk5P__________5gB-swbmf____8bhR6ABx-AByEAAICLofEcN8x2MYQGIgLFIkYAAAAAlTiZtUeTOqGyqPr__--3ArgCAAgYtJoGWsnSHZR4CwMAACAYW6CHxe83O-wav9tl__________9m_2f_aEI2AABpwpMo9mq_gAAAa7-AAABs2kZuAABvAXBBZ4DD0WwwXB1BrEaz2QEAAADc_f___-uBlG-y2C02Lo9n4hxulrvlbLfxOBfL3cK4W-5mG-9J9e-3lVtkyveRSNNnNB0kDafZIHReLE-TQVR0vS12h9PsOagFsqbJ5bffhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCyW4xcm8HErRusLG7RaLBYC0e-3VpjMo5sFovH5bAY1qLXx_SwTCYr02iLggFhe5E8LdKJwuIcLjfOxWQ429icy9VqsRkNdpuVZbJZToy74UQs0Zws0onssm_5JovdYuPyeCbO4Wa5W852G49zsdwtjLvlbrbxV3aLkWszmLh1g5XFLRoNFmvhyLdba0zGkc1i8bgcFsNa9PqYHpbJZGUa7Ruz2WY2WA4mw31jNtvMBsvBZLjv0Bm-q8_Z6NsMax2f5q-eGY41h0HhMli8K9VppS1IDtrsVeR0aWbKos6ofH5HXoPCc_CYftab9izOKYfWY_R7MCpiieAinShMtofd43IrzA6Lw-2wiCVK00U60ctdvs9fMphM9oLlXvOyPP2uz1vkMD3cEsvL4TG6Faa36uKyvDWHv-ns9BlNn7fQ4fG6LG_N3-N0mN0il8dlOD39drvQ9DZbxBLB6SKdiF7G00X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpEMvBbrlb54EMdqvFbrVcgAffUN0f62Ra3HK6g91U_l_li_LM5eLGjx_CZHvYPS63wuywONwOKwM8TEIwb_5MEGu1WtYAAAAC2AAAAAHcunkLRIfi_____-MAAABk5OgBAACO94GuAAAAAAAA-AlwtZwN!&cmcv=&pix=undefined&cb=1663609029899&uv=3226&tms=1663609029899&abt=206725b_vA!206725b_vA!amplean_vD!ecp_vC!eidc_vB!id5mc_vB!inc_all_video_vA!spa2_vA!ul118513-590_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=6e46f09b-3002-4607-9d37-18f048328c0c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 122132434FADBB4CCA05DCE8B42B9390
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7rYkCFgODgj-liuch-gSDgj-liuch-gUAAAAGBscHJLYyzWaG5cStGQwma9FssFsrR57dWjGcGUbDzWS4MWyMQGIr02xmWE7cmsFgshbNBru1cuTZrRXDmWE03EyGG8PGCiTS9BlNB0nDaTYInRfL02QQFV1vi93hNHsOaoGsaXL53TCGptPhc93rdb_fXWG2a_xuv9zl-_wlg8lkL1juNS_L0-_6vEUO08MtsbwcHqNbYXqrLi7LW3P4m85On9H0eQsdHq_L8tb8PU6H2S1yeVyG09NvtwtNb7MdAAAAAB7-____IQAAAAAiAAAAACQAAAAAKAIq_i0ELgAAAAAw_v___zUATDYEokMOhPbbTZeXw-wPAAAAABAAAAAAEgCB9KYSgA_Vk5P__________5gB-swbmf____8bhR6ABx-AByEAAICLofEcN8x2MYQGIgLFIkYAAAAAlTiZtUeTOqGyqPr__--3ArgCAAgYtJoGWsnSHZR4CwMAACAYW6CHxe83O-wav9tl__________9m_2f_aEI2AABpwpMo9mq_gAAAa7-AAABs2kZuAABvAXBBZ4DD0WwwXB1BrEaz2QEAAADc_f___-uBlG-y2C02Lo9n4hxulrvlbLfxOBfL3cK4W-5mG-9J9e-3lVtkyveRSNNnNB0kDafZIHReLE-TQVR0vS12h9PsOagFsqbJ5bffhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCyW4xcm8HErRusLG7RaLBYC0e-3VpjMo5sFovH5bAY1qLXx_SwTCYr02iLggFhe5E8LdKJwuIcLjfOxWQ429icy9VqsRkNdpuVZbJZToy74UQs0Zws0onssm_5JovdYuPyeCbO4Wa5W852G49zsdwtjLvlbrbxV3aLkWszmLh1g5XFLRoNFmvhyLdba0zGkc1i8bgcFsNa9PqYHpbJZGUa7Ruz2WY2WA4mw31jNtvMBsvBZLjv0Bm-q8_Z6NsMax2f5q-eGY41h0HhMli8K9VppS1IDtrsVeR0aWbKos6ofH5HXoPCc_CYftab9izOKYfWY_R7MCpiieAinShMtofd43IrzA6Lw-2wiCVK00U60ctdvs9fMphM9oLlXvOyPP2uz1vkMD3cEsvL4TG6Faa36uKyvDWHv-ns9BlNn7fQ4fG6LG_N3-N0mN0il8dlOD39drvQ9DZbxBLB6SKdiF7G00X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpEMvBbrlb54EMdqvFbrVcgAffUN0f62Ra3HK6g91U_l_li_LM5eLGjx_CZHvYPS63wuywONwOKwM8TEIwb_5MEGu1WtYAAAAC2AAAAAHcunkLRIfi_____-MAAABk5OgBAACO94GuAAAAAAAA-AlwtZwN!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: FDE1AC10D1F3A7C9033B56C755FCABE0
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59
Frame ID: 665B0068D7B89AD58A8D505347C8F0C5
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 4A376E6231B25F665D1F1A04DBA99DA3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID7DB2CA13-E8A7-4FDA-984A-416FFC946F59
Frame ID: F36B52F8D92D5D610BD991F1374F1FE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html
Frame ID: 90C6D8865156AA90704D47FB134D78FE
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.al.com
Frame ID: E38EDEF8237193996283EDED267A8061
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: B43B1DAA9FF8C324C34642319194C68C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E42BA77BDA66A4BFDE5558EEDA97DDAF
Requests: 2 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7rYkCFgODgj-liuch-gSDgj-liuch-gUAAAAGBscHJLYyzWaG5cStGQwma9FssFsrR57dWjGcGUbDzWS4MWyMQGIr02xmWE7cmsFgshbNBru1cuTZrRXDmWE03EyGG8PGCiTS9BlNB0nDaTYInRfL02QQFV1vi93hNHsOaoGsaXL53TCGptPhc93rdb_fXWG2a_xuv9zl-_wlg8lkL1juNS_L0-_6vEUO08MtsbwcHqNbYXqrLi7LW3P4m85On9H0eQsdHq_L8tb8PU6H2S1yeVyG09NvtwtNb7MdAAAAAB7-____IQAAAAAiAAAAACQAAAAAKAIq_i0ELgAAAAAw_v___zUATDYEokMOhPbbTZeXw-wPAAAAABAAAAAAEgCB9KYSgA_Vk5P__________5gB-swbmf____8bhR6ABx-AByEAAICLofEcN8x2MYQGIgLFIkYAAAAAlTiZtUeTOqGyqPr__--3ArgCAAgYtJoGWsnSHZR4CwMAACAYW6CHxe83O-wav9tl__________9m_2f_aEI2AABpwpMo9mq_gAAAa7-AAABs2kZuAABvAXBBZ4DD0WwwXB1BrEaz2QEAAADc_f___-uBlG-y2C02Lo9n4hxulrvlbLfxOBfL3cK4W-5mG-9J9e-3lVtkyveRSNNnNB0kDafZIHReLE-TQVR0vS12h9PsOagFsqbJ5bffhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCyW4xcm8HErRusLG7RaLBYC0e-3VpjMo5sFovH5bAY1qLXx_SwTCYr02iLggFhe5E8LdKJwuIcLjfOxWQ429icy9VqsRkNdpuVZbJZToy74UQs0Zws0onssm_5JovdYuPyeCbO4Wa5W852G49zsdwtjLvlbrbxV3aLkWszmLh1g5XFLRoNFmvhyLdba0zGkc1i8bgcFsNa9PqYHpbJZGUa7Ruz2WY2WA4mw31jNtvMBsvBZLjv0Bm-q8_Z6NsMax2f5q-eGY41h0HhMli8K9VppS1IDtrsVeR0aWbKos6ofH5HXoPCc_CYftab9izOKYfWY_R7MCpiieAinShMtofd43IrzA6Lw-2wiCVK00U60ctdvs9fMphM9oLlXvOyPP2uz1vkMD3cEsvL4TG6Faa36uKyvDWHv-ns9BlNn7fQ4fG6LG_N3-N0mN0il8dlOD39drvQ9DZbxBLB6SKdiF7G00X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpEMvBbrlb54EMdqvFbrVcgAffUN0f62Ra3HK6g91U_l_li_LM5eLGjx_CZHvYPS63wuywONwOKwM8TEIwb_5MEGu1WtYAAAAC2AAAAAHcunkLRIfi_____-MAAABk5OgBAACO94GuAAAAAAAA-AlwtZwN!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: FEDEF061F591F4671D356BD370244237
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: E53CEB003159D73599C344145697B036
Requests: 4 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891V243-1U-3PG3
Frame ID: 92ED8EE499D546B239567190057C1410
Requests: 21 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&upid=2p68cyo&upv=1.1.0
Frame ID: 4338D61278CC9B21B80CED4F4B5E915D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 76D5D7A6677A3B16C6683FE0CAB19CA9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC47793325B8A40FA04ABD0B3F61A46B
Requests: 2 HTTP requests in this frame

Frame: https://dpm.demdex.net/ibs:dpid=903&dpuuid=53ce5430-0132-4e50-8142-31f223e51f5c
Frame ID: C20EA4C2972BC9F47217D9EF13363FBC
Requests: 1 HTTP requests in this frame

Frame: https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=53ce5430-0132-4e50-8142-31f223e51f5c
Frame ID: DD655BE8EB674710BC984BDCEF5A843E
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/5386?id=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=
Frame ID: C94D7B555C948A4E5F4D72691C794EB1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: 4D8DA11193DA44EEDBD39103C3DD072F
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 049FA789E3147FF8CF5666083D71D99F
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 449C3992C01DD2E3E11C3078B34F10DE
Requests: 17 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 55E503AB46B239113D7A9B49180808E7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEssk7GUVIAAA8DoQQBHw
Frame ID: 825E6377799CE08DEFD0C5185249E282
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:21b96328-a8c6-4500-bdea-f3c8e6e4e659&gdpr=0&gdpr_consent=
Frame ID: 2A7BF9C21F01BAA318D4903C8F27C9C5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b2eb0008-3841-11ed-87e1-92a75f8dcbdf
Frame ID: 747335A2C5C6291FAFE358570C313B28
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 83BE333EE114C51D4D94F1ECC7C7CA2C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 23CF057820AFD4E506A23ED2A032C7E4
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3066106341454926000V10&type=rkt&refUrl=&vid=36090346663066106341454926000V10&ovsid=1783777316138921154
Frame ID: 9214156ED2B851366DD2E732E08E7CED
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Serious data breach at Uber spotlights hacker social deception - al.comLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

487
Requests

84 %
HTTPS

27 %
IPv6

120
Domains

223
Subdomains

148
IPs

7
Countries

4745 kB
Transfer

14636 kB
Size

259
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://rp.liadm.com/j?dtstmp=1663609027822&se=e30&duid=8810293dbf02--01gdbd6f7b1z1pg4zmdesbxzja&pu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1663609027822&se=e30&duid=8810293dbf02--01gdbd6f7b1z1pg4zmdesbxzja&pu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&wpn=prebid&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjE1&n3pc=true
Request Chain 91
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&cs_it=b3&cv=3.8.0.210223&ns__t=1663609028139&ns_c=UTF-8&c7=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&c8=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%20-%20al.com&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&cs_it=b3&cv=3.8.0.210223&ns__t=1663609028139&ns_c=UTF-8&c7=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&c8=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%20-%20al.com&c9=
Request Chain 92
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663609028150&ns_c=UTF-8&c7=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&c8=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%20-%20al.com&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663609028150&ns_c=UTF-8&c7=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&c8=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%20-%20al.com&c9=
Request Chain 94
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1663609028179&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1663609028179&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1663609028179%26url%3Dhttps%253A%252F%252Fwww.al.com%252Fnews%252F2022%252F09%252Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1663609028179&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1663609028179&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQK6Maj_hK8MrwAAAYNW00Gsrsakhr7oVBVEHII4nujOgwONR4fnkBHNdRs20V7l4B6aBEBJ-A HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bf599527-ec21-493c-9236-8e0f4948ead6 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bf599527-ec21-493c-9236-8e0f4948ead6&_expected_cookie=dfd52e9b1a7f2935095ae159b54bd9f8
Request Chain 130
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Request Chain 148
  • https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1040 HTTP 302
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3416866980725250136/gdpr=/gdpr_consent=
Request Chain 149
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=0
Request Chain 150
  • https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=9f0f2299617d4ba9f43b8a63b40f400f HTTP 302
  • https://thrtle.com/insync?gdpr=0&vxii_pdid=9f0f2299617d4ba9f43b8a63b40f400f&vxii_pid=12&vxii_pid1=10014&vxii_rcid=10692042-0ce0-41dc-8cca-e27e0da5898f
Request Chain 151
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EFC64CBD0BF84FEF9BA13C033C226E52
Request Chain 152
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9f0f2299617d4ba9f43b8a63b40f400f HTTP 303
  • https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9f0f2299617d4ba9f43b8a63b40f400f
Request Chain 153
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=53ce5430-0132-4e50-8142-31f223e51f5c/gdpr=0/gdpr_consent=
Request Chain 156
  • https://jadserve.postrelease.com/dmp/5?vk=9f0f2299617d4ba9f43b8a63b40f400f/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=a1c47631-f2e3-488b-a302-ab8beb2bf768/gdpr=0
Request Chain 159
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=9f0f2299617d4ba9f43b8a63b40f400f HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=9f0f2299617d4ba9f43b8a63b40f400f
Request Chain 160
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183715&gdpr=0&cb=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D6725%26tp%3DINDX%26gdpr%3D0%26tpid%3D__UID__ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D6725%26tp%3DINDX%26gdpr%3D0%26tpid%3D__UID__&gdpr=0&s=183715&C=1 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&gdpr=0&tpid=YyioxYRn5thDcSzcHKUNIQAA%26014
Request Chain 162
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D194%2Ftp%3DOPNX%2Ftpid%3D%7BOPENX_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D194%2Ftp%3DOPNX%2Ftpid%3D%7BOPENX_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=a25491b2-e2b2-4fc9-8d7c-8a131e8cc76c/gdpr=0
Request Chain 163
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-58cdf5b5-bd04-449a-6bde-b09e647c1e45$ip$149.56.153.181&gdpr=0/gdpr_consent=
Request Chain 171
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=884623553 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2310414087477230896/gdpr=0/rand=884623553
Request Chain 191
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2310414087477230896&ex=appnexus.com
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fbLKE-inT9qYSkFv_JRvWQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 233
  • https://idsync.rlcdn.com/420486.gif?partner_uid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2255d5c6fa5601ced96457195714b54b3cc72d66331c8e8f82eaabf433d646d5791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyMjU1ZDVjNmZhNTYwMWNlZDk2NDU3MTk1NzE0YjU0YjNjYzcyZDY2MzMxYzhlOGY4MmVhYWJmNDMzZDY0NmQ1NzkxNDI2YjU0MTdkY2UyMRAAGgwIxtGimQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyMjU1ZDVjNmZhNTYwMWNlZDk2NDU3MTk1NzE0YjU0YjNjYzcyZDY2MzMxYzhlOGY4MmVhYWJmNDMzZDY0NmQ1NzkxNDI2YjU0MTdkY2UyMRAAGgwIxtGimQYSBAgCEABCAEoA&google_gid=CAESEGifkJvSOOQhGBygXApXHwk&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=fac9f2e3-c36d-4789-986e-0c501fbcc449
Request Chain 234
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=21b96328-a8c6-4500-bdea-f3c8e6e4e659
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0RCMkNBMTMtRThBNy00RkRBLTk4NEEtNDE2RkZDOTQ2RjU5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 236
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYpT-QXtIKgfBu3hX-U26Y&google_cver=1
Request Chain 237
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EFC64CBD0BF84FEF9BA13C033C226E52
Request Chain 238
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2840279727660594736&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 239
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53ce5430-0132-4e50-8142-31f223e51f5c
Request Chain 266
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=al.com&sn=ChromeSyncframe&so=0&topUrl=www.al.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=J8pOAHx0b3dtQmFuaVhubWxycWk2cHVDdzdnSldBeUxvaVpSN2xLMmhTUXlxekE3VXI3N0Y1ZldTd1ZRTkR3VFZuemIxQkVZVTV0dE1jbEViQWVodXR3UlR4YUY5U0xrblM1UlZnaVdNRHJMcXRiVFNBTTVrTHF0dmVIZWRhQ2d2MjY2RFh4dzlPSGZEZHhybXBzWitsZVNHTGhsTUhPTFZsbk8yVlVQTG9yK0g1Q1ZaUHI5dE9FTjB0TWRqRzJRN2xOVFFmM3BEcThEcUVTTVJEV1dhZXI5Z2UxSUpLTlBJaGp3U2tjUXNFZXFjVVVlSXIxV3kyQitNanpKdE5YeWs1U21welZpMVZkbHJpUTREaFQrUnRHaXhUZz09fA&cppv=2
Request Chain 278
  • https://match.adsrvr.org/track/cmf/openx?oxid=b0224ca1-d84c-798f-eb36-79e88d2ac848&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=53ce5430-0132-4e50-8142-31f223e51f5c&ttd_puid=b0224ca1-d84c-798f-eb36-79e88d2ac848&gdpr=0&gdpr_consent=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENY-XkX1jE1jZZVWyfGDZ60&google_cver=1
Request Chain 295
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 313
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a89c953af7787798e8f1a47f17567936&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e9e0e_7145146381475773380&gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YTg5Yzk1M2FmNzc4Nzc5OGU4ZjFhNDdmMTc1Njc5MzY=&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENQj-57RLqCqDR90KS-epXo&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=53ce5430-0132-4e50-8142-31f223e51f5c HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/a89c953af7787798e8f1a47f17567936?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-8bBw6JhE2oMEK6OFmjj9nOgvkwy50u8miOK_bOhf~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2310414087477230896 HTTP 302
  • https://usersync.octillion.tv/fw?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554&userId=833f3fee-d83a-406c-bbbf-66bb03a30baf HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAEssk7GUVIAAA8DoQQBHw&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=2XVuaw5n1OAkHK5&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3416866980725250136
Request Chain 316
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YTg5Yzk1M2FmNzc4Nzc5OGU4ZjFhNDdmMTc1Njc5MzY=&gdpr=0&gdpr_consent=
Request Chain 317
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=a89c953af7787798e8f1a47f17567936&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 318
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891V243-1U-3PG3
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEECAsyhj-RPKLnfLianzXVs&google_cver=1
Request Chain 321
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
Request Chain 322
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=53ce5430-0132-4e50-8142-31f223e51f5c
Request Chain 323
  • https://ce.lijit.com/merge?pid=42&3pid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 327
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f03674c7-8eff-49f4-9a78-0f9fbe12a0cd
Request Chain 328
  • https://id5-sync.com/s/464/9.gif?puid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=2310414087477230896&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOtC72GwTRi2Vgl8FuK_ZnzHLvrBrALsx1cJ7Qsg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/5/3.gif?puid=21b96328-a8c6-4500-bdea-f3c8e6e4e659&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=53ce5430-0132-4e50-8142-31f223e51f5c&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/3/5.gif?puid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/2/6.gif?puid=c74b38b7-d1e4-43aa-8616-b98732a9e0f8&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/1/7.gif?puid=93d134d0-5ea6-4555-89d7-3af0e4421845&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/0/8.gif?puid=995FF7604E9376A8&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOtC72GwTRi2Vgl8FuK_ZnzHLvrBrALsx1cJ7Qsg
Request Chain 329
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=taboola&bsw=eb973ce3-3ff4-4fa3-978c-ae04286c1b1c HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=taboola&bsw=eb973ce3-3ff4-4fa3-978c-ae04286c1b1c&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=Y2U3MmJkMTJjNjM2ZTZl&gdpr=0&gdpr_consent=&us_privacy=&ssp=taboola&bsw_param=eb973ce3-3ff4-4fa3-978c-ae04286c1b1c HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=19664485-99ac-4cb7-83c9-5ab210ec6836
Request Chain 330
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=42040130-a175-487a-b818-5a0c5dc976ef HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=42040130-a175-487a-b818-5a0c5dc976ef&tbid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&query=taboola_hm%3D42040130-a175-487a-b818-5a0c5dc976ef&isDirect=0
Request Chain 332
  • https://eb2.3lift.com/xuid?mid=7772&xuid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 335
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WM31tb0ERJpr3rCeZHweRZU4mbU
Request Chain 336
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=453&user_id=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19664485-99ac-4cb7-83c9-5ab210ec6836&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 338
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3718af82-324d-48d8-9998-786e2c576cfc
Request Chain 356
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=53ce5430-0132-4e50-8142-31f223e51f5c
Request Chain 357
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=53ce5430-0132-4e50-8142-31f223e51f5c HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=PFraC96M&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=53ce5430-0132-4e50-8142-31f223e51f5c HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=53ce5430-0132-4e50-8142-31f223e51f5c
Request Chain 358
  • https://tags.bluekai.com/site/5386?id=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=
Request Chain 361
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pyypxnd1e HTTP 302
  • https://su4jtnlipz2kgyzivdeq-pyypxn-f014c1453-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 362
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pyypxnd1e HTTP 302
  • https://eydvgaaamb4gojqacqnqaeyaabrsrkgj-pyypxn-9aab142cf-clienttons-s.akamaihd.net/eum/results.txt
Request Chain 377
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFc3NrN0dVVklBQUE4RG9RUUJIdw&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAEssk7GUVIAAA8DoQQBHw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEssk7GUVIAAA8DoQQBHw
Request Chain 378
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:21b96328-a8c6-4500-bdea-f3c8e6e4e659&gdpr=0&gdpr_consent=
Request Chain 379
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b2eb0008-3841-11ed-87e1-92a75f8dcbdf
Request Chain 381
  • https://pixel.onaudience.com/?partner=214&mapped=7DB2CA13-E8A7-4FDA-984A-416FFC946F59 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=53ce5430-0132-4e50-8142-31f223e51f5c&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=855c8a0f357663e2f8be05b4799443b5&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=350f887d26913a07 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a1755465-5f12-42b2-7fc2-c06014fc944d&reqId=fb098be2-9db9-402e-5b2a-8ca38e6257c9&zcluid=350f887d26913a07&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENMPywdULlOXDmBSicKBC1I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a1755465-5f12-42b2-7fc2-c06014fc944d&reqId=fb098be2-9db9-402e-5b2a-8ca38e6257c9&zcluid=350f887d26913a07&zdid=1332
Request Chain 382
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&addseg=10,33,39
Request Chain 386
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KH8nuEdE2uUBgp9p01k0S6yNCCXQs4E-~A&gdpr=0&gdpr_consent=
Request Chain 387
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=61a4c8ac-ec38-474c-a4f1-e44ea2a94d83&gdpr=0&gdpr_consent=
Request Chain 388
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2310414087477230896&gdpr=0&gdpr_consent=
Request Chain 389
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3044100e90a6052c&is_secure=true&networkId=17100&version=1&nuid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB1mcxzU5hdgMk6AFJAAAAAAA&expiration=1663695434&nuid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 390
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4a9a03a5-8298-4e48-ad99-826f2dfe69df-6328a8ca-4341&gdpr=0&gdpr_consent=
Request Chain 392
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyioxYRn5thDcSzcHKUNIQAAAA4AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAqM6N-m17sA0R-J22c9Yok&google_cver=1
Request Chain 394
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyioxYRn5thDcSzcHKUNIQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOTrhyV7UKOLo6_MI7ZDAm8&google_cver=1
Request Chain 395
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=53ce5430-0132-4e50-8142-31f223e51f5c&expiration=1666201034&gdpr=0&gdpr_consent=
Request Chain 396
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_13b1e1fcee524ff2889de
Request Chain 397
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21b96328-a8c6-4500-bdea-f3c8e6e4e659
Request Chain 398
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=102b1551-9a33-48fb-8d43-0e5e1e1a6ed4&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 399
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D%28OIQ_UUID%29 HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7168954341770100695&uid=Q7168954341770100695&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168954341770100695
Request Chain 401
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MVYyNDMtMVUtM1BHMw==&us_privacy=1---
Request Chain 402
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=&expires=30
Request Chain 403
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xt0JX1tCSXyRueuSVTENDA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xt0JX1tCSXyRueuSVTENDA
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFIcAkXEHI325lr-ZHCxYzU&google_cver=1
Request Chain 406
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWFlMjViZGU5YzUxNGNiYzk5M2NmNDEwYWRiOGQwNzIwNDQ4YzFmNg&us_privacy=1---
Request Chain 407
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L891V243-1U-3PG3&us_privacy=1---
Request Chain 408
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uYZoS2QChT_IinqBP0s6UMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8655959469697021062
Request Chain 411
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3066106341454926000V10%26type%3Drkt%26refUrl%3D%26vid%3D36090346663066106341454926000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3066106341454926000V10&type=rkt&refUrl=&vid=36090346663066106341454926000V10&ovsid=1783777316138921154
Request Chain 412
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066106341454926000V10%26type%3Dcon%26refUrl%3D%26vid%3D36090346663066106341454926000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=fb5cef0f13d19f6&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066106341454926000V10%26type%3Dcon%26refUrl%3D%26vid%3D36090346663066106341454926000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=con&refUrl=&vid=36090346663066106341454926000V10&ovsid=AAAB1mcxzU5hfQMDHjctAAAAAAA&expiration=1663695434&is_secure=true
Request Chain 413
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066106341454926000V10%26type%3Dmma%26refUrl%3D%26vid%3D36090346663066106341454926000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=mma&refUrl=&vid=36090346663066106341454926000V10&ovsid=21b96328-a8c6-4500-bdea-f3c8e6e4e659
Request Chain 414
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NjEwNjM0MTQ1NDkyNjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEc_7dWgQ5PCzfEQYGEoNIk&google_cver=1
Request Chain 415
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066106341454926000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36090346663066106341454926000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=dxu&refUrl=&vid=36090346663066106341454926000V10&ovsid=2XVuaw5n1OAkHK5
Request Chain 417
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=medianet&bsw_user_id=19664485-99ac-4cb7-83c9-5ab210ec6836 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=medianet&bsw_user_id=19664485-99ac-4cb7-83c9-5ab210ec6836 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=3fbb3089-93aa-4e85-9c3c-73c7fb04dc77&expires=3&user_group=1&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=19664485-99ac-4cb7-83c9-5ab210ec6836&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 418
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066106341454926000V10%26type%3Dzem%26refUrl%3D%26vid%3D36090346663066106341454926000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=idGxQnQncMHqsO-5ZnuV&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLJMRDXQULOKFXGGTKIOFZU6LJVLJXHKVRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTMMBZGAZTINRWGYZTANRWGEYDMMZUGE2DKNBZGI3DAMBQKYYTAJTWONUWIPJTGA3DMMJQGYZTIMJUGU2DSMRWGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLJMRDXQULOKFXGGTKIOFZU6LJVLJXHKVRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTMMBZGAZTINRWGYZTANRWGEYDMMZUGE2DKNBZGI3DAMBQKYYTAJTWONUWIPJTGA3DMMJQGYZTIMJUGU2DSMRWGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=idGxQnQncMHqsO-5ZnuV&refUrl=&type=zem&vid=36090346663066106341454926000V10&vsid=3066106341454926000V10
Request Chain 420
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066106341454926000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=42040130-a175-487a-b818-5a0c5dc976ef&cs=1
Request Chain 422
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53ce5430-0132-4e50-8142-31f223e51f5c
Request Chain 423
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066106341454926000V10
Request Chain 435
  • https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-9gs2k&playerWidth=300&playerHeight=168&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen60.mp4&srcPageUrl=https%3A%2F%2Fwww.al.com&contentLength=NaN&gdpr=0&us_privacy=1--- HTTP 302
  • https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-9gs2k&playerWidth=300&playerHeight=168&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen60.mp4&srcPageUrl=https%3A%2F%2Fwww.al.com&contentLength=NaN&gdpr=0&us_privacy=1---&_tur=T

487 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request serious-data-breach-at-uber-spotlights-hacker-social-deception.html
www.al.com/news/2022/09/
198 KB
36 KB
Document
General
Full URL
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
fd2ae9b801341b26c5b27cadd30e59ac94229ed59af3acd2d1b9e0ad294ad65f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-length
36120
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 17:37:06 GMT
etag
W/"307cd-fVV7KExull3FmDqTpO7JXUczJUw"
expires
Mon, 19 Sep 2022 17:38:06 GMT
last-modified
Mon, 19 Sep 2022 17:37:06 GMT
referrer-policy
no-referrer-when-downgrade
server
openresty
server-timing
cdn-cache; desc=REVALIDATE edge; dur=182 origin; dur=394
vary
Accept-Encoding
x-akamai-transformed
9 34048 0 pmb=mRUM,2
default.css
www.al.com/pf/dist/components/combinations/
398 KB
61 KB
Stylesheet
General
Full URL
https://www.al.com/pf/dist/components/combinations/default.css?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6ffc817ea1169b894aeada5ec524e4b1adb60eba7f7264908147dad58dbedfb8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-amz-request-id
F416VAKNWCQRVR1G
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
61388
x-amz-id-2
ybZ97shxm46abEqiI6o+IBC9pZsTiPywjuIcyhYgvO5E4M7EszsEAIqiNXv/Ry0hNy7eDUn1A3w=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:21 GMT
server
openresty
etag
W/"589fb8311cfd8de18ea097fbd0391a7f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
style.css
www.al.com/pf/resources/dist/al/css/
2 KB
1022 B
Stylesheet
General
Full URL
https://www.al.com/pf/resources/dist/al/css/style.css?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
faf78b6d0ba1a4313a9c7b724a7e32f6287f443967b5d59ec90db57a8eb701b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
etag
W/"26b0fbe86fb81e5682381ecbda5cc443"
x-amz-request-id
F412Y6BFRXKR8PPT
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
494
x-amz-id-2
j4onEvxkhZSN5xtifrbr4KTjqnpKn/MpyVKtIedOzKBQdIGm4NRZNq0W6gfWTLpqi5dgOybEsYY=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
x-edgeconnect-cache-status
3
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
react.js
www.al.com/pf/dist/engine/
340 KB
101 KB
Script
General
Full URL
https://www.al.com/pf/dist/engine/react.js?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
60e443739e2296594645dcaf9512b56527f263eab9a675271c36ccb769f33a1a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-amz-request-id
F41AMGZ1Q67DWH07
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
102757
x-amz-id-2
yvi3o6KB1tqC7iWbavs4ffOui1Woy7qv3dtQe66Z0usNlOWf9cChKZB8CpMaZpyVh5rBu7qTP5BkGmYmR+9gWg==
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:21 GMT
server
openresty
etag
W/"765024d734c6da8ec36cf0d27768ffa0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
default.js
www.al.com/pf/dist/components/combinations/
2 MB
348 KB
Script
General
Full URL
https://www.al.com/pf/dist/components/combinations/default.js?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
135bc8a2a1e8c4e5a48857c398580c20955efffcc1e275dfc5cdc51036fc3eb8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-amz-request-id
F41AW9QJV13JPG5C
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=28
content-length
354832
x-amz-id-2
AuLjkgE85OT260obSmLHuffKfdXvsPUOE++nTuE2J+rW/2HJH2EincIBYPLDrwr4JG+KYVRzyR52Xmd48ISYSQ==
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:21 GMT
server
openresty
etag
W/"91121bd55bea1c5c5aeace0bc0f54be5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
www.al.com/pf/resources/fonts/
54 KB
54 KB
Font
General
Full URL
https://www.al.com/pf/resources/fonts/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Origin
https://www.al.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-amz-request-id
F41C8JAE7C49A9Q3
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
54391
x-amz-id-2
3BxfoPyK3NpOP2pYf/WTMTrfRZXuqltkr4fo9gRtx91D6L1yoH3R3UBWPFp8TKEn/WL8qQy0GtY=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"63c3700153fd19bac6ac63c816251c03"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
www.al.com/pf/resources/fonts/
53 KB
53 KB
Font
General
Full URL
https://www.al.com/pf/resources/fonts/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Origin
https://www.al.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-amz-request-id
F418CN9YXFEXWCX2
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
53376
x-amz-id-2
gie8L+rKdbYrdghf9auC7uUAAo/gGFIRnpaX++p4IEzizdxChGXsnJaXSue0yFA55MCEuPSYLc0VEey1n/ZGLg==
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff
www.al.com/pf/resources/fonts/
53 KB
53 KB
Font
General
Full URL
https://www.al.com/pf/resources/fonts/a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Origin
https://www.al.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
etag
W/"527a99c70868c89d6be3cc11a8feb999"
x-amz-request-id
F4137K6CSN5JA3ZB
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
53862
x-amz-id-2
F53MiYTGkfHNcYnvSWxT3RcvmDCAfpHRr1C8t1cfwweJFwZMe1/7UjOCzqp5zsuLmSYqi7NjVmc=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
farnhamheadline-medium.woff
www.al.com/pf/resources/fonts/
37 KB
37 KB
Font
General
Full URL
https://www.al.com/pf/resources/fonts/farnhamheadline-medium.woff?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Origin
https://www.al.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-amz-request-id
F41F0X1FKJWAPEWW
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
36831
x-amz-id-2
pgMRpDj+Hj9WE595oTXF1v3nw5Gy+LLxvTLAALeIOoKtdg+qGmXtivVYlYIvdMZAnchhNOIyzAY=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"05b85684cbf3bc11490297c50cfd67c3"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
farnhamheadline-semi-bold.woff
www.al.com/pf/resources/fonts/
36 KB
37 KB
Font
General
Full URL
https://www.al.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Origin
https://www.al.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-amz-request-id
F41FKNBXHWG82X6C
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
37066
x-amz-id-2
Pe62FMwEp49h7R5yfOaivYIJWaQIDdzok8scT7eMUnt5EsH3/9KkhoxUaqsCAjCzEHZv0njBABQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
6AE7CJA7ARHS5E3H2SPGBIOCWQ.jpg
www.al.com/resizer/-eSe_w9nODV3CNKGTDjq8OTJSoQ=/800x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/
47 KB
47 KB
Image
General
Full URL
https://www.al.com/resizer/-eSe_w9nODV3CNKGTDjq8OTJSoQ=/800x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/6AE7CJA7ARHS5E3H2SPGBIOCWQ.jpg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ee04d74c2301db0c7e482cddcc9838ddec252a12501334fb58e0aa5505f61c8e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:07 GMT
referrer-policy
no-referrer-when-downgrade
x-check-cacheable
YES
x-serial
1451
etag
"7b5e1f24d838b2ce51e0a19cdddab253db504b93"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31362630
last-modified
Sat, 17 Sep 2022 17:28:05 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=216
content-length
48100
server
Akamai Image Manager
expires
Sun, 17 Sep 2023 17:27:37 GMT
iabCcpaIntegrationScript-noGAM.js
cdn.cookielaw.org/opt-out/
19 KB
5 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ZkLmnzyu8aoAQNwZHm6Yqw==
age
4564
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4fe3789b-401e-0133-2c42-28c79e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
74d41661fb29ca4f-YUL
logo_main.svg
www.al.com/pf/resources/images/al/logos/
2 KB
1 KB
Image
General
Full URL
https://www.al.com/pf/resources/images/al/logos/logo_main.svg?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a22fa88a3ae9ba52af74a0c51ba90da56ddd309908b9c8acfc60292af2705152
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-amz-request-id
F4165P2CYSNCG7X8
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
799
x-amz-id-2
wfUB32D19Gx8tfYpNWhQF+9MqGTi4YhoDf1JZ9WHQHTbVbDG8AY8oIB7voKmVzDrW80i0Iwn5M3ypiD1c+82RA==
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"0e7c69a5191bd9f0f90d193cceb8c9fc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
logo_main_sm.svg
www.al.com/pf/resources/images/al/logos/
2 KB
2 KB
Image
General
Full URL
https://www.al.com/pf/resources/images/al/logos/logo_main_sm.svg?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
731e46489c687c89e8e3f7eb26c12c804fbafc8f5e11758a81d6c4e692d1dee5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-amz-request-id
F41BXG9W84JQ3FCE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1126
x-amz-id-2
tCdvpoz2A9h3fvOvwRm9K2s16z2TSdtJ9mCQmvpCUExDs447BXBdJP1YFd14PPhus4Lat6jBPwI=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"49fdafe0ed5ca66b05dc7271249ec4b5"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
facebook.svg
www.al.com/pf/resources/images/common/logos/
643 B
878 B
Image
General
Full URL
https://www.al.com/pf/resources/images/common/logos/facebook.svg?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
d916a11c273edc69e2cc3c965ab77bbb3a38144b7e1c32932d30cb438bf0d494
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-amz-request-id
F4156QZMX37Q3HK2
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
391
x-amz-id-2
h35/rv0+QPFp31TStb6+s938gxGiUzVjISyODttyj8bcJBfb5QWStW0JreQt+zHAzhp2j8fo5hldycbzMsbuzw==
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:21 GMT
server
openresty
etag
W/"a0fc0683d116fb29711e1590c024630e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:06 GMT
twitter.svg
www.al.com/pf/resources/images/common/logos/
1 KB
1 KB
Image
General
Full URL
https://www.al.com/pf/resources/images/common/logos/twitter.svg?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
789228062659fc3c5412265a5a836b6c4d79b2ccde24f14952bc7409a267938b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
etag
W/"c78cf749050a48f890188cd9d72632c9"
x-amz-request-id
F41CVE2MBY8FD9P8
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
660
x-amz-id-2
67Z3n7ykQOiXDG/lSGcaXiwsJ/0ERLJb0AVWais8y7wFpfbJvvwULd2JRvUwoo5cQrAY6wMqMa7mqx5DjoEAwQ==
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:21 GMT
server
openresty
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:07 GMT
footer-logo-advance.svg
www.al.com/pf/resources/images/common/logos/
18 KB
6 KB
Image
General
Full URL
https://www.al.com/pf/resources/images/common/logos/footer-logo-advance.svg?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
25c3fb46576f9c03a7aa53f9e84261623a1a1d7aef5cc0024641d040a89c02ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-amz-request-id
F41ARF05YFX9BQZV
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
5265
x-amz-id-2
q3m+pmZWVoZm2jTyMPfgfjWz1tlmFchmBDf4B1a6I6fvexQzOCWTyhLLveSrLtZvGOBaF/oznH8=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:21 GMT
server
openresty
etag
W/"165b66ce6f4daa48f02b4871f04b31e4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:07 GMT
ad-choices-arrow.png
www.al.com/pf/resources/images/common/logos/
231 B
595 B
Image
General
Full URL
https://www.al.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
feb2c60c8be9af21b80c85e7cf2866d5868514be92a4da03bf08e0a9b3c3c348
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:07 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:40:10 GMT
server
Akamai Image Manager
etag
W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31266134
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
231
expires
Sat, 16 Sep 2023 14:39:21 GMT
v2zpfqhAPVTT5bj6h2rPC9Ozesgdp1Lzz2KRoHtItJQzd23XmjY3WKXg
satisfycork.com/
92 KB
28 KB
Script
General
Full URL
https://satisfycork.com/v2zpfqhAPVTT5bj6h2rPC9Ozesgdp1Lzz2KRoHtItJQzd23XmjY3WKXg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:802f::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
947ef88f9ec54a28e10ed61f4d6d0ec27427533093b6fe877d211a03e4c09544
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-us-east1
etag
"61c0fb9a8ded2e0a10f8c7f7ab77f2f217524366a4a9cc96ad70a7910a27f376"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-2mv2
content-type
text/javascript; charset=utf-8
via
1.1 google
cache-control
private, must-revalidate, max-age=21600
date
Mon, 19 Sep 2022 17:37:06 GMT
x-buildnumber
632800667
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sophi.min.js
cdn.sophi.io/latest/
124 KB
42 KB
Script
General
Full URL
https://cdn.sophi.io/latest/sophi.min.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-35.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b8b45f95f260b5fe20ed13bbc24672747119392efa1b1a2ebf8034a87e24c78

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 08:13:43 GMT
content-encoding
br
last-modified
Fri, 29 Jul 2022 21:14:26 GMT
server
AmazonS3
age
33804
etag
W/"02647b6d480ecf7d79935b079efdd47f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
1TwttMuTujejGZC.n3EQcIEYN6TuN6Ro
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
nTPBQDU5IntAL1uAd1QByaLyy1LnHKEaaNbycNOnqr5xeIbKADrazQ==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
9293
vary
Accept-Encoding
content-length
7151
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 18:22:15 GMT
server
cloudflare
etag
0x8DA974737287FBC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5bd43f01-f01e-006a-3736-c9844d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d41661fb2bca4f-YUL
YEHML-2MP5A-4ERAH-85V5H-86WT5
s.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/YEHML-2MP5A-4ERAH-85V5H-86WT5
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:5000:698::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
br
last-modified
Mon, 11 Jul 2022 23:58:54 GMT
x-n
S
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/
401 KB
114 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WVBR3RD
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3fe9e212688fbeca5e6bd2059c2d831b67baa36e08309921a20f97f842350bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116026
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 16:15:07 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 17:37:06 GMT
01.png
www.al.com/pf/resources/images/common/weather/tiny/
3 KB
4 KB
Image
General
Full URL
https://www.al.com/pf/resources/images/common/weather/tiny/01.png?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.css?d=907
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0daa1932b4579f96ff53af6b9f539edea0cdadd9e5f77c89c8156e3721f9d36c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/pf/dist/components/combinations/default.css?d=907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Mon, 19 Sep 2022 17:37:07 GMT
referrer-policy
no-referrer-when-downgrade
x-check-cacheable
YES
server
Akamai Image Manager
etag
W/"943580722d571b890fa63310005293d9"
x-serial
1265
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31266063
last-modified
Fri, 16 Sep 2022 14:40:10 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=16
content-length
3264
expires
Sat, 16 Sep 2023 14:38:10 GMT
chevron-white.svg
www.al.com/pf/resources/images/common/arrows/
864 B
966 B
Image
General
Full URL
https://www.al.com/pf/resources/images/common/arrows/chevron-white.svg?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.css?d=907
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/pf/dist/components/combinations/default.css?d=907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-amz-request-id
ZP9Z5KMWTE5JAW2Z
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
486
x-amz-id-2
uTnAphxlNinPTgCO/yt+Tms+2TzSCFh3hBaISKs35js4i6DaQjLQyv66f3qsuWkHjzed6QCNyQQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"691552a6377a1dfc9eeae87d6aeb8931"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:07 GMT
icon-bookmark.svg
www.al.com/pf/resources/images/common/icons/
973 B
1004 B
Image
General
Full URL
https://www.al.com/pf/resources/images/common/icons/icon-bookmark.svg?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.css?d=907
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
83ca36b9cc55624cabaf79e9519349236e4516d956d5d593a8801893c1173b40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/pf/dist/components/combinations/default.css?d=907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-amz-request-id
RJKGB5F6BYXMBVSQ
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
503
x-amz-id-2
cKXBS9hMAMKuVooDv1eWVbIi/x+P0sbIzQyCUpxMgt03TyvrE1BX+X7Ej/HfHV4SGhB2mD84Sg8=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"ace63b5f05588b922e3291c78f542ac2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:07 GMT
icon-bookmarks.svg
www.al.com/pf/resources/images/common/icons/
2 KB
1 KB
Image
General
Full URL
https://www.al.com/pf/resources/images/common/icons/icon-bookmarks.svg?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.css?d=907
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
ff048888d2deed4fd6b3bb53479d76447f4c7ba23295c9f9d40b095741f3fc2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/pf/dist/components/combinations/default.css?d=907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-amz-request-id
ZP9SN643ENS3E25T
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
800
x-amz-id-2
QFfkTP03TVXpCHZEht8HDhRI0zAjw/8NTW0t7CTNkt7aRFs39uMMSeMuMhTvP4650xpLliJ4imA=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"a0dc7c8223ace06a43c1edd08fa11fab"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:07 GMT
c4282795-e175-40cc-8ec5-aeb056041ab7.json
cdn.cookielaw.org/consent/c4282795-e175-40cc-8ec5-aeb056041ab7/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/c4282795-e175-40cc-8ec5-aeb056041ab7/c4282795-e175-40cc-8ec5-aeb056041ab7.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b8b82997d73d135fd781f346c1c79db1ddd4ce9733ed824d5a9be99fb320b43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Em0Cm+uNtEaQm/SrCyIecw==
age
2700
vary
Accept-Encoding
content-length
1462
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 14:34:27 GMT
server
cloudflare
etag
0x8DA90DE1146E4DF
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
932bc0de-701e-00f3-3ce2-c20b8f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d41662efe5714a-YUL
expires
Mon, 19 Sep 2022 21:37:07 GMT
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.al.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.al.com
access-control-max-age
5
content-length
0
date
Mon, 19 Sep 2022 17:37:07 GMT
server
nginx
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/
2 B
220 B
XHR
General
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.al.com
date
Mon, 19 Sep 2022 17:37:07 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/plain; charset=UTF-8
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
targeting
targeting.perso.aws.arc.pub/api/v1/ Frame
0
0
Preflight
General
Full URL
https://targeting.perso.aws.arc.pub/api/v1/targeting
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.136.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-136-32.compute-1.amazonaws.com
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
arc-org-name,content-type
Access-Control-Request-Method
POST
Origin
https://www.al.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,Arc-Org-Name,Arc-Organization
access-control-allow-methods
POST,GET,OPTIONS,DELETE
access-control-allow-origin
*
date
Mon, 19 Sep 2022 17:37:07 GMT
server
nginx/1.10.3
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
190 B
321 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb59848b4e6672fb3b94f7ce6ee8c7f6916c0ea6110c79e1384d9a71e8ebbf1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
74d416645a44ca6f-YUL
date
Mon, 19 Sep 2022 17:37:07 GMT
vary
Accept-Encoding
content-type
text/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.js?d=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efc1feac35e089b632417f7f1c2cfddb46d4b16c234407a9d98ed2d64261f21d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27762
x-xss-protection
0
server
sffe
etag
"1338 / 885 of 1000 / last-modified: 1663585777"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Sep 2022 17:37:07 GMT
pub.js
pub.doubleverify.com/signals/
67 KB
18 KB
Script
General
Full URL
https://pub.doubleverify.com/signals/pub.js
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.js?d=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45169abf0c7bb67cf7708983ec00a7c62c8beddb556112ec1ae79de86c8c9681
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
br
cf-ray
74d41664be22ca53-YUL
server-timing
total;dur=0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'self'
timing-allow-origin
*
10071.js
micro.rubiconproject.com/prebid/dynamic/
415 KB
117 KB
Script
General
Full URL
https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.js?d=907
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f8b348b3f402fc76b1e6f3ca3075acedb9999000e22f2d951f2dec43e712f99f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
last-modified
Sun, 18 Sep 2022 19:41:04 GMT
server
Apache
vary
Accept-Encoding
edge-cache-tag
prod-prebid-10071_AL_Desktop_Mobile.js
content-type
text/javascript
access-control-expose-headers
x-trp-pba
cache-control
public, must-revalidate, max-age=0
content-length
118385
x-trp-pba
{"ruleId":"17","rulePos":0,"ruleName":"AL_Default2","wrapperName":"10071_AL_Desktop_Mobile","isPrimary":true,"randomProb":58,"account":10071,"device":"desktop","country":"CA","host":"al.com","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36","query":"","ranAt":"2022-09-19T17:37:07.318Z","runId":"1663609027318-8817","wrapperPath":"/prebid/10071_AL_Desktop_Mobile.js","redirectUrl":"/prebid/get-wrapper/AL_Default2/10071_AL_Desktop_Mobile.js"}
expires
Mon, 19 Sep 2022 19:53:25 GMT
apstag.js
c.amazon-adsystem.com/aax2/
167 KB
43 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.js?d=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 16:40:14 GMT
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront), 1.1 360031d112e5d98f967632ba717f6cfe.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:32 GMT
server
AmazonS3
age
3414
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-C3, EWR52-C2
content-encoding
gzip
x-amz-cf-id
op6E4dlglJZEwxpYi10FluLU4YzTwePdqjxbmLflHsukIyBMBd-mmg==
lt.min.js
tags.crwdcntrl.net/lt/c/958/
48 KB
15 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/958/lt.min.js
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.js?d=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee488bcb82413b3061d91d4fa92e4249bf6c0b9c96d16df965640550135fae0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 09:51:23 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 16:16:14 GMT
server
AmazonS3
age
27945
etag
W/"e01c2de4061f447f518a76ca60d07c14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
JFK50-P4
x-amz-cf-id
PKMtLqVqRmRZDSYlqYsd0PATJ1caOBgTwDLviaV1AayK2LnEA55_NA==
loader.js
cdn.taboola.com/libtrc/advance-network/
398 KB
35 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/advance-network/loader.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03d21a4fbb1b86fada54b2dd126c9360a2674f46006d2297a21ca7b62f88fe90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
LdPkbB8DZr6lK_FZkfIa14akDllJi0Ja
content-encoding
gzip
etag
"005a38d579f5b905ca6051f275b6d1ed"
age
3298
x-cache
HIT
content-length
34948
x-amz-id-2
pdIlEO66EMqpLnnQvKg6vCh0djMmG/X75dffuyXvxdcEOqZPEaGlnZbloVwECsjG2ts5bYHzrps=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 19 Sep 2022 16:42:01 GMT
server
AmazonS3
x-timer
S1663609027.335143,VS0,VE0
date
Mon, 19 Sep 2022 17:37:07 GMT
vary
Accept-Encoding
x-amz-request-id
GRY3SWN97FWYH3BM
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
94
x-cache-hits
71
targeting
targeting.perso.aws.arc.pub/api/v1/
62 B
342 B
Fetch
General
Full URL
https://targeting.perso.aws.arc.pub/api/v1/targeting
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.js?d=907
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.136.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-136-32.compute-1.amazonaws.com
Software
nginx/1.10.3 /
Resource Hash
bff66521bdbfca73af4a6e0f85f8260bb558db5b948e97ebc53935c73be41636

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
Arc-Org-Name
advancelocal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
server
nginx/1.10.3
access-control-allow-methods
POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,Arc-Org-Name,Arc-Organization
content-length
62
client
accounts.google.com/gsi/
186 KB
74 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.js?d=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200d Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f39c96939fd5296e44f4a6b3731a5822497f9adc95f2fa6b42c0248936b46f9a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-CGycXYRgL6UzF5K5W3391A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-CGycXYRgL6UzF5K5W3391A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 19 Sep 2022 17:37:07 GMT
main-menu-hamburger-white.svg
www.al.com/pf/resources/images/common/icons/
1 KB
955 B
Image
General
Full URL
https://www.al.com/pf/resources/images/common/icons/main-menu-hamburger-white.svg?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.css?d=907
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
1cb614c81c491878e5b6256098b31fb4f68b7bbde5e60b21334d085db7e37549
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/pf/dist/components/combinations/default.css?d=907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-amz-request-id
ZP9GK94BGK7YX20P
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
455
x-amz-id-2
ePx/WjZNR5qnR0R5gp9KTVqhUlOYvB0qj4ur4O0vGVpzC/qw59Q+La2DYdiU3eii0ntzZcuDlcI=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"4c13e35767d4f1fc45fe58d883b78893"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:07 GMT
user-white.svg
www.al.com/pf/resources/images/common/icons/
5 KB
3 KB
Image
General
Full URL
https://www.al.com/pf/resources/images/common/icons/user-white.svg?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.css?d=907
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/pf/dist/components/combinations/default.css?d=907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-amz-request-id
ZP9J7KDJYW4XA4ZZ
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
2508
x-amz-id-2
YjhAN6cfSLaLIGHOW3f9xX57b5V04mTHpYa9PCr9tb5kLbOge9slBALR2vDbGl8PcQq3gSJf5Kk=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"fdc13d9553130cf8463df06e8ba5682d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:07 GMT
close-x-black.svg
www.al.com/pf/resources/images/common/close/
347 B
727 B
Image
General
Full URL
https://www.al.com/pf/resources/images/common/close/close-x-black.svg?d=907
Requested by
Host: www.al.com
URL: https://www.al.com/pf/dist/components/combinations/default.css?d=907
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
ec2b20442837efd4e5ce0bbc2f0736e28578f430898b81fc1bef64e715e2950c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/pf/dist/components/combinations/default.css?d=907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-amz-request-id
RJKYNAAF1NFH15DK
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
231
x-amz-id-2
M1mnbmicLfD36KpN8JcIR0iulhIiC7bJvr5Z6/1hg8HDNQfwXljh1/dOmRRJ2plIhwE0byxae0o=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Sep 2022 14:14:20 GMT
server
openresty
etag
W/"05bff1e04af292b1c6cf06bcd3f4d541"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 19 Sep 2023 17:37:07 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
181 B
383 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d754e05bc2acdfe544b477f31c057921708a43b9868402c1ae574c5c614dc528
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
74d416655c734bca-YUL
access-control-allow-headers
Content-Type
skeleton.js
static.adsafeprotected.com/
17 B
467 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2zpfqhAPVTT5bj6h2rPC9Ozesgdp1Lzz2KRoHtItJQzd23XmjY3WKXg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:39:15 GMT
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
age
3405473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lBKE5vqXEYywz8ooqmoiuuOIzXUZmIae7RejGfO5y8QM6RIP99xZLQ==
tag.js
a.teads.tv/analytics/
11 KB
4 KB
Script
General
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVBR3RD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.169.61 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-169-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d33a8782a0ffd197f8fe1c40875463abb90c32c1332ee2a5e212f8d3964c6ad7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
CiKHX4xqxgFLMLxE9KKEwvOwE3PStQI4
content-encoding
br
last-modified
Wed, 07 Sep 2022 12:45:11 GMT
x-amz-request-id
1DH02WCN7RHGTJNT
etag
"ceb80d9e3795d1d7b4cbf5e7b8d7dddc"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
date
Mon, 19 Sep 2022 17:37:07 GMT
accept-ranges
bytes
content-length
3339
x-amz-id-2
sYHvnc4uuaHGNmHnhGOmhO6OdJdZ7woHgSBeLwFToFUnWB3pyZbYsRqgqTPDGG/jSwPns+JOPus/nRIxSOUPmg==
script.js
w698.al.com/
148 KB
45 KB
Script
General
Full URL
https://w698.al.com/script.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
a9fad541e10caeebefedf8a2e64eb955f2168545c2368b38e42e79ce1f04025b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:36:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
43
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
45893
x-xss-protection
1; mode=block
last-modified
Mon, 19 Sep 2022 01:53:09 GMT
server
-
etag
e80855a7bb3d6b1b88932e7dc392c8d3
content-type
text/javascript; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop
PHL50-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
JhFVTpFTwjOwfXxfzQWeq8MM5afk1zMy5mWFkfViH8pklv-EQCycrA==
expires
Mon, 19 Sep 2022 17:46:24 GMT
126006X1587343.skimlinks.js
s.skimresources.com/js/
36 KB
14 KB
Script
General
Full URL
https://s.skimresources.com/js/126006X1587343.skimlinks.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVBR3RD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
681ddafe3edfd23d96e3a634e43f268fa209052d70fdc9759003d74fdbb52a34

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 08:58:59 GMT
server
AmazonS3
x-amz-request-id
QRCG88AJVV7240A1
etag
"55090f3385774fb1e11d63ddc8a7c774"
x-hw
1663609027.cds060.dc2.hn,1663609027.cds055.dc2.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
13979
x-amz-id-2
ySprwhH47J2TIohek4sNTSOKqiSrR+2tp3p+xzj4NxuD/ncsrQLk5rISTPAoug9rkp19+56x4MI=
moatheader.js
z.moatads.com/advanceddigitalheader640552616592/
237 KB
83 KB
Script
General
Full URL
https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
706d476c614ed641b0dbc63cd30078881a7184cf266f7955fb6e338357c474c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:14:01 GMT
server
AmazonS3
x-amz-request-id
RYKRFR2553GB1H62
etag
"abab787b6c7790e6d3a5fadf0157a751"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=55618
accept-ranges
bytes
content-length
84127
x-amz-id-2
ml6HdQtWJqoHuFCaHC2lV3mfd1pxLWjWgQrrREh89pMKmj74nHGmPAfQ716CzlyadLzGS0j5580=
ats.js
ats.rlcdn.com/
109 KB
110 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-22.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via
1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
etag
"148e21f812b555a13b2a9c6b616141f4"
age
73879
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
content-length
112112
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Sun, 18 Sep 2022 21:05:49 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/x-javascript
x-amz-cf-id
pQclL3mmcyira6sFL_7CxoSc7AtP-IPL3RPsYa5lb8uqz6u4yLmsVw==
load
experience.tinypass.com/xbuilder/experience/
338 B
562 B
Script
General
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=rdx9aWSVf9
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
849
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M0ovgirRMNd
wn
prod-exp-10-0-125-103
last-modified
Mon, 19 Sep 2022 17:09:36 GMT
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
74d416668842ca53-YUL
expires
Mon, 19 Sep 2022 18:07:07 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVBR3RD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4295
date
Mon, 19 Sep 2022 16:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 18:25:32 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/
930 B
1 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.131.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-131-14.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 14:01:31 GMT
Via
1.1 812385435e4a24499dabb443924e6b50.cloudfront.net (CloudFront)
Age
14806
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
JFK50-P7
Accept-Ranges
bytes
X-Amz-Cf-Id
zPGb3H57Kay8nonJIJ5D6TwWBuWYbMaw4frpNgRH5V5p5GuUORlEZA==
Expires
Tue, 20 Sep 2022 13:30:21 GMT
load.js
s.ntv.io/serve/
479 KB
137 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.76.105.144 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-144.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5525fe0659c283e57d8ca8f0ff56cba585bd7fe8532df9387c0a824ae35dec76

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:07 GMT
Content-Encoding
gzip
x-amz-request-id
XXVFNFXEHSG458GD
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
4GluwoBNPCux1crIToshgq+WtaLPqXWDnKyNA1o7TTS4bZuQUasM5cHpVnrd7sbDC4EWAv7rVfc=
Last-Modified
Fri, 02 Sep 2022 14:27:37 GMT
Server
AmazonS3
ETag
"9624bb208d35ae785b11a575256bbe77"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 06:42:21 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
39287
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
FRk5ALCl26asoH31oi4xkmtzbBbvmZo_7ivSGGlMx8adidF96TQPpQ==
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
7B5STD8FUcy/VNw/fq6rinHmX5ZRB4sY6ikiIdLOxDHhvUeqZtP0dEmLSi3ZqnRQ4vO3fibUXHT1gruCCsY5Rw==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:37:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVBR3RD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 20:23:36 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=40347
accept-ranges
bytes
content-length
3063
up_loader.1.1.0.js
js.adsrvr.org/
4 KB
5 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVBR3RD
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-31.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 21:08:25 GMT
Via
1.1 64aebd154b6045af00c94ad9d2ff49f2.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
73723
ETag
"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
WE3aB-wo0SNCH8O7lSdMf2xm-3MP7Sq6vDQx8AlEONrvOxsA4b3dDg==
v2
z-na.associates-amazon.com/onetag/
11 KB
4 KB
Script
General
Full URL
https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=77490122-7146-40e2-9e24-0b4d977bece3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVBR3RD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.174.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-174-182.ord52.r.cloudfront.net
Software
Server /
Resource Hash
193cc04713bb3a1a70c7afb361499494cc3189e5a219afc8455857d3e94e8b3a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:24:45 GMT
content-encoding
gzip
accept-charset
UTF-8
server
Server
age
25942
x-amz-rid
SHBAEA8K7VJG6JKXBN6S
vary
accept-encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
ORD52-C2
x-amz-cf-id
gV0dy55KR74mYl5QlHiIwFUveaq-tzY0p-1Cn_OOl1TFxClb49Xvjg==
via
1.1 a1df977c0f19257540a25f348f676d48.cloudfront.net (CloudFront)
advance_417d9_alabama.js
cdn-magiclinks.trackonomics.net/client/static/v2/
95 KB
28 KB
Script
General
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/advance_417d9_alabama.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:c600:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
a87ef79face3a1a1e6562ef5e6c1c180aa81d286778b8b64b668bb7562aabb7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 11:07:20 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 12:25:16 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age
23387
etag
W/"17d93-5e2812104cf76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
sgErRbhvB3zPL8bRIjyaz0_PPRmpa-ESQHUVgAns6aT9nWgzRoktCA==
via
1.1 b9da5ed239e7d2c1a0b20bd76696c844.cloudfront.net (CloudFront)
spm.v1.min.js
ak.sail-horizon.com/spm/
124 KB
44 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVBR3RD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.224.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-224-95.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:30:54 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 23:20:31 GMT
server
AmazonS3
age
374
etag
W/"97dd801dd26ae0172c7875245d92f506"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 88112861fcc652b3e20b1a8120ffdda0.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
IAD79-C3
x-amz-cf-id
8q47_5Zg0sNMOQRGIemGzJqR16vpoApgg8Y9McGz742_5LH7WBsmqw==
js
www.googletagmanager.com/gtag/
210 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q2GF9K551G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVBR3RD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f9754ef316415a32f1cf417c4ff21e7382a4f290e9f83c52357bfe1c84aa277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75333
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:37:07 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202208.1.0/
375 KB
89 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0766007565870c9a9ce93e31236bc0119fd01fff87ed569848a2a486e931c0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PoUkurh3GT3DbFeu3QcwyA==
age
9233
vary
Accept-Encoding
content-length
91152
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:19 GMT
server
cloudflare
etag
0x8DA8CAC0C067309
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
915f4702-c01e-008c-1d9f-be95bd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d41666a95dca4f-YUL
pubads_impl_2022091501.js
securepubads.g.doubleclick.net/gpt/
376 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2838ada1a2e98ea67fbff5622ae6dbc293c5cae3f50be29febaa03b9a4bd8627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 10:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130101
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 08:34:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Sep 2023 10:47:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
260 B
170 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.al.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da96cc17a52b5f68b51c6e2d10771db120c1d060d9f482bc40c4073235ec421b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:37:07 GMT
pub.json
pub.doubleverify.com/signals/
55 B
303 B
Fetch
General
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=20823471&cmp=DV460143&signals=ids,bsc&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a3493f0ccfe2c01adca092d40d99c62c80938188044917f7f5e714cb894f76a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
74d416673f837139-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55
set
privacy.crwdcntrl.net/consent/
301 B
574 B
XHR
General
Full URL
https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=958
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/958/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2e1f894530f6059783d8bf3f0b39c93790a88ad37a72100e6abd91051ed455f5

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.al.com
cache-control
no-cache
x-server
10.40.34.148
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
301
expires
0
data
bcp.crwdcntrl.net/6/
1021 B
2 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/958/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
00fe10e6a9ad1da63026c48c764d0c1a023ccde8ee8986d481240281a808131f

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.al.com
cache-control
no-cache
x-server
10.40.4.111
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
1021
expires
0
load.js
widget.perfectmarket.com/advance-network/
3 KB
2 KB
Script
General
Full URL
https://widget.perfectmarket.com/advance-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af7bbc49c4043912d715061be2566be1ab02e08e7480c1cdc88759a58066953d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
G5JjLbr9W1z4cIhXbIk9cu4MZIxtopoD
content-encoding
gzip
etag
"95f1bb466374e7fb829c932b8039145e"
age
209
x-cache
HIT, HIT
content-length
1214
x-amz-id-2
W8IjHtQxS6AiqKP3TPi0RbhF5472ISSvfCgtYB2up82vQqA2voFrwziGAvBhuU6PPPw8jqUlTs8=
x-served-by
cache-sna10728-LGB, cache-yul12831-YUL
last-modified
Tue, 06 Oct 2020 12:02:09 GMT
server
AmazonS3
x-timer
S1663609028.778691,VS0,VE0
date
Mon, 19 Sep 2022 17:37:07 GMT
vary
Accept-Encoding,,
x-amz-request-id
8J3HJBKAEXMHVZT1
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 3
impl.20220919-29-RELEASE.js
cdn.taboola.com/libtrc/
686 KB
142 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
7475c05506be64a3776f01a8983debdb2776e64807042516043ca861986cad40

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
T4BwW6L7GkUUwUHkGO95NCIpA3.XfdwB
content-encoding
br
etag
"91098208efb744fc7f4777d1c6754b4d"
age
4894
x-cache
HIT
content-length
145351
x-amz-id-2
iFYM6cirozLeDUOxNC/lW1YiQQZH92ycX87z4bpE9X4FlnemTQzEOW8Jhi3RthGnAmtVKoph4H0=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 19 Sep 2022 15:43:23 GMT
server
AmazonS3-br
x-timer
S1663609028.747509,VS0,VE0
date
Mon, 19 Sep 2022 17:37:07 GMT
vary
Accept-Encoding
x-amz-request-id
13XT2GMYNRXB1Q95
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
39
x-cache-hits
12677
style
accounts.google.com/gsi/
533 B
328 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200d Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gRJffty8CawgkEbr6txsAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-gRJffty8CawgkEbr6txsAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 19 Sep 2022 17:37:07 GMT
status
accounts.google.com/gsi/
40 B
94 B
XHR
General
Full URL
https://accounts.google.com/gsi/status?client_id=184093943212-lmps21klep5nebd9laec0ukiu1uno8rk.apps.googleusercontent.com&as=T%2BPAJXzXhdsA0ZkiM3MQJQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200d Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5ef53326a77aa95d9aa77bf714c1119092ac0ec88c3a1290ae8d89f38eef78f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8D5xpfSHweozOfY9OEhfDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.al.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-8D5xpfSHweozOfY9OEhfDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/
1 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.al.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e7261fe5ce66c71ad531ce6da47cd76b7b875cea04c6fe7cfe616b0cad05cd3b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
via
1.1 360031d112e5d98f967632ba717f6cfe.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.al.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1378
x-amz-cf-id
VMvrAwYyWexzzCrR_kJNjlXM2IwL_vUUrASWADYtVwmvTFLwMtLY_g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:39:08 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
28680
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
via
1.1 b82a7340871763a856185e46298c05b8.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-type
application/javascript
x-amz-cf-id
TewHF1fHhp39xO-ztwLAF9jcMl3HwBzNcPvLSnlKx7ep4kRQ02BeOA==
10071-pbjs-floors.json
ads.rubiconproject.com/floors/
57 KB
6 KB
XHR
General
Full URL
https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ea3a323f874f2fe5e46430fad43e98577725ee1c542ea853d645cd7caef303cb

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 16:41:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6097
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1663609027822&se=e30&duid=8810293dbf02--01gdbd6f7b1z1pg4zmdesbxzja&pu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-socia...
  • https://rp4.liadm.com/j?dtstmp=1663609027822&se=e30&duid=8810293dbf02--01gdbd6f7b1z1pg4zmdesbxzja&pu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-soci...
39 B
577 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1663609027822&se=e30&duid=8810293dbf02--01gdbd6f7b1z1pg4zmdesbxzja&pu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&wpn=prebid&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjE1&n3pc=true
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
52.207.19.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-19-117.compute-1.amazonaws.com
Software
/
Resource Hash
375e796fa067182ddbda956316c66cf3e5e6621832e1d677d95231ae785f0778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
x-pixel-event-id
0d68b127-289f-479e-be4d-059d9cfc2e8b
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
null
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
c2ef7003def37109
request-time
0
content-length
39
x-content-type-options
nosniff

Redirect headers

date
Mon, 19 Sep 2022 17:37:07 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
location
https://rp4.liadm.com/j?dtstmp=1663609027822&se=e30&duid=8810293dbf02--01gdbd6f7b1z1pg4zmdesbxzja&pu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&wpn=prebid&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjE1&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://www.al.com
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
146f0bc667f28857
request-time
0
content-length
0
x-content-type-options
nosniff
tinypass.min.js
cdn.tinypass.com/api/
324 KB
94 KB
Script
General
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=rdx9aWSVf9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd7ed4f93721d1fd01062540e84d0c3fa8a5297ef5daff964e7ea5f532930ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
9761
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DPKZZ5WPSHJK8DF9
x-amz-id-2
szk3fPeiiO6CWpdR291F66U3QkFPMAUAP0MbKp3ENZXYHc2IBbVS0mcFtYKEAuFryHeFsisNtho=
last-modified
Fri, 16 Sep 2022 09:29:34 GMT
server
cloudflare
etag
W/"15581b223b4f44668855811bdcfb4bae"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
x-amz-version-id
D7jP9lM0viGhWei0PFS5RAKzqM2zrSNi
cf-ray
74d416686ac8ca53-YUL
expires
Mon, 19 Sep 2022 21:37:07 GMT
fpc
at.teads.tv/
56 B
390 B
XHR
General
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=bd83746&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.72 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8221dac33fc8965ed44440071e7d9d125212aff071465c782315965af67b1b1f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:08 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.al.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
56
Expires
Mon, 19 Sep 2022 17:37:08 GMT
/
vtrk.doubleverify.com/
0
180 B
Ping
General
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=d4aceb50-144a-40bd-a0de-822a4d4755ef&z=8492260660&ctx=20823471&cd160=d8dbc96f-3abe-4ec9-89ef-a49b9c16cbd5&cd161=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&ea=load-pq&cd180=network&cm180=84&cm181=12&cm182=10&cm183=26&cm184=32&cm185=2&cm186=427&cm191=0&cmp=DV460143
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.43.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-43-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.al.com
date
Mon, 19 Sep 2022 17:37:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
cs
advancelocal.blueconic.net/DG/DEFAULT/
17 B
700 B
Script
General
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json1071
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.24.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-24-35.compute-1.amazonaws.com
Software
- /
Resource Hash
ac866e1c6e6431f27e26293f9fdba77df383e09814008bff6d26f260829692a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
37
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
v2olenLFEq0fZoFuu7Z45ECjrM0-2WYuGFSC5yS71CpnigoKfq_66QZHVBbHHTFR3NgwmhxX5
satisfycork.com/
183 B
210 B
Fetch
General
Full URL
https://satisfycork.com/v2olenLFEq0fZoFuu7Z45ECjrM0-2WYuGFSC5yS71CpnigoKfq_66QZHVBbHHTFR3NgwmhxX5
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2zpfqhAPVTT5bj6h2rPC9Ozesgdp1Lzz2KRoHtItJQzd23XmjY3WKXg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:802f::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
034ad469e11c7acec691ec7c86b2a9c5999b37e682d9f3be1901c2068790427d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-datacenter
gce-us-east1
date
Mon, 19 Sep 2022 17:37:08 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.al.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-us-east1-spot-2mv2
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 19 Sep 2022 17:37:07 GMT
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 6077
2 KB
3 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=958
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/958/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
9679
cache-control
max-age: 86400
content-length
2240
content-type
text/html
date
Mon, 19 Sep 2022 14:55:50 GMT
etag
"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
x-amz-cf-id
0OyAplf5WXw_oTfuFPbJwvchEjy7nLGbZL-5iytWkX5dyL9MvoO9cg==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
p.js
cdn.parsely.com/keys/al.com/
56 KB
21 KB
Script
General
Full URL
https://cdn.parsely.com/keys/al.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
0ec22d938c2af9c2d0d4ef03504550f6edc79e85d1aa28b9cc80b6e26207f5ca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
public
date
Mon, 19 Sep 2022 14:20:49 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 14:34:05 GMT
server
nginx
age
11779
etag
W/"62bc62dd-df3b"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
SIln8-qpM_cP9YXFpdV_zx9GLuPYWgPoLYdIpGUqZASDpSetiCnuQA==
expires
Tue, 20 Sep 2022 14:20:49 GMT
publisher:getClientId
ampcid.google.com/v1/
74 B
529 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.al.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
robots.txt
t.skimresources.com/api/v2/ Frame 9917
0
134 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.8658987637149114
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
via
1.1 google
server
Python/3.10 aiohttp/3.8.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/
43 B
276 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=4.435538519657601
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=4.435538519657601
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
53 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.200.97 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-200-97.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Mon, 19 Sep 2022 17:52:08 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
29 KB
29 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ca7d45c26841657f394d905623d5e5c9c7f32aecc66d66ff8401388ffc43097

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 18 Sep 2022 23:51:43 GMT
via
1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 18:12:22 GMT
server
AmazonS3
age
63926
etag
"979a52ecf913f8004d0123a9b7ba2a05"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
JFK50-P4
accept-ranges
bytes
content-length
29536
x-amz-cf-id
m65L7080WXVWutV18rGsLwqq8yDWfGrlIOzGsIqBkf87NVs4hlZb3g==
id5-api.js
cdn.id5-sync.com/api/1.0/
48 KB
14 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 11:00:45 GMT
server
cloudflare
age
1241
etag
W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
74d416698b56714b-YUL
x-amz-request-id
YZJBPEQ7VMQ1D2MM
x-amz-id-2
dA3qpjCNQNr+M/A/o0QbA4zcwPbBMzgAg0MKlys6GCEtRTTZWQl7oRWE2d7SilKLxGO2pJblfXo/1TvwBnDAVg==
iframe.html
z.moatads.com/hd09824092/ Frame 6204
1 KB
2 KB
Document
General
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=751
content-length
1374
content-type
text/html
date
Mon, 19 Sep 2022 17:37:08 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
x-amz-id-2
9bL9ryL5jv7GEoXlp4GblcCXFt+Aw0UXac263nsjV8RGYNmhUuYFU56Ibt+kw63DjlvQhWpgENo=
x-amz-request-id
F913FCD9F26DED15
/
geo.privacymanager.io/
30 B
596 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:37:17 GMT
via
1.1 e71ab653feb8332f51edf19089ecf9fc.cloudfront.net (CloudFront), 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
age
35991
x-amzn-requestid
ccd0dc89-08df-41e4-92c6-a9868b09852d
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-63281c2d-191eba8b43b42fe42533577e;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
IAD55-P4, PHL50-C1
x-amz-apigw-id
YslXGFuljoEFdoQ=
content-length
30
x-amz-cf-id
GGSyYjxkitTdb7joDDLOPXT7DOTBqmLXucheOilWkuf7nnzQ7jJDTw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&cs_it=b3&cv=3.8.0.210223&...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&cs_it=b3&cv=3.8.0.210223...
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&cs_it=b3&cv=3.8.0.210223&ns__t=1663609028139&ns_c=UTF-8&c7=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&c8=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%20-%20al.com&c9=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
u1UXzIH4j-WoK-IV-65GcgEmkwYuEwClZoA_6680QXfcECXivL61ew==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&cs_it=b3&cv=3.8.0.210223&ns__t=1663609028139&ns_c=UTF-8&c7=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&c8=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%20-%20al.com&c9=
date
Mon, 19 Sep 2022 17:37:08 GMT
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
6nHlC6MIAWMQgc2mja9fV_o15Ohx-5pDQQGV7DP3eEChQnvaMeK5Ag==
x-cache
Miss from cloudfront
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663609028150&ns_c=UTF-8&c7=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlig...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663609028150&ns_c=UTF-8&c7=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotli...
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663609028150&ns_c=UTF-8&c7=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&c8=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%20-%20al.com&c9=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
LSqcu49hN-swCiNhyTikp_soF3Cu83Wgq8UjXRDAzD6qUbGtXH1mhw==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663609028150&ns_c=UTF-8&c7=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&c8=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%20-%20al.com&c9=
date
Mon, 19 Sep 2022 17:37:08 GMT
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
HoJ2IhXJ7B0IKJGptT1PuPr3xdHJbQX3cPx7arzTkAbRAUKABypZNA==
x-cache
Miss from cloudfront
120978121945017
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/120978121945017?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
91d7bfa225d7391f46406db4114aa5d213ab5e9619e02e9193964c2d2da384fa
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86399
x-xss-protection
0
pragma
public
x-fb-debug
JY4qd2Now//t76RNfoAmWFEDr40sTL6+y30zuxBHflDHq8Qw/bzvebL4N6SBcis34UMr9pVglBAks7avi280QA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:37:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1663609028179&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&t...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1663609028179&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&t...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1663609028179%26url%3Dhttps%253A%252F%252Fwww.al.com%252Fnews%25...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1663609028179&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&t...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1663609028179&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bf599527-ec21-493c-9236-8e0f4948ead6
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bf599527-ec21-493c-9236-8e0f4948ead6&_expected_cookie=dfd52e9b1a7f2935095ae159...
43 B
142 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bf599527-ec21-493c-9236-8e0f4948ead6&_expected_cookie=dfd52e9b1a7f2935095ae159b54bd9f8
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Mon, 19 Sep 2022 17:37:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d416729f0b546d-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bf599527-ec21-493c-9236-8e0f4948ead6&_expected_cookie=dfd52e9b1a7f2935095ae159b54bd9f8
date
Mon, 19 Sep 2022 17:37:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d41671cdd8546d-YYZ
content-length
0
en.json
cdn.cookielaw.org/consent/c4282795-e175-40cc-8ec5-aeb056041ab7/09119d5f-27a6-429d-a491-4d6d379a3bb4/
135 KB
24 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/c4282795-e175-40cc-8ec5-aeb056041ab7/09119d5f-27a6-429d-a491-4d6d379a3bb4/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fa14a10e5e6a454aa9804fcf48bdf0d2f721ed661fb9dc977d1e61f8b84cbd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8oMI0QdBlLjptuGae5vxDw==
age
2700
vary
Accept-Encoding
content-length
24853
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 14:34:27 GMT
server
cloudflare
etag
0x8DA90DE119D0EC1
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8bcbbff8-801e-0143-38d4-c2b45a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d4166a4da2714a-YUL
expires
Mon, 19 Sep 2022 21:37:08 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Q2GF9K551G&gtm=2oe9e0&_p=2078583571&cid=1987971981.1663609028&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&dt=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception&dl=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&sid=1663609028&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=serious%20data%20breach%20at%20uber%20spotlights%20hacker%20social%20deception&ep.author=%5Bfrank%20bajak%5D&ep.entry_id=3VY6E76V2VCKXMBJLSKSVLT75Y&ep.page_type=cal&ep.product=cal&ep.platform=desktop&ep.page_path=%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q2GF9K551G&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.al.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
jadserve.postrelease.com/
2 KB
1 KB
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.59.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-59-39.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
02cb7021a976ee701a220d545ef95f1ae452e58030139cabf338f4ca69dddbc2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
851
expires
Mon, 1 Jan 1990 12:00:00 GMT
andoncord
assoc-na.associates-amazon.com/onetag/
16 B
333 B
XHR
General
Full URL
https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=77490122-7146-40e2-9e24-0b4d977bece3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.141.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:08 GMT
Server
Server
x-amz-rid
KXXB5SG4AQEJQE25ZF4S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.al.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
16
simple
api.sail-personalize.com/v1/personalize/
288 B
497 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
6ce5720faf06c98583a696f894dcb5e130683f197a5e00dc72e43b0b3ee8f828

Request headers

x-lib-version
v1.0.1
accept-language
en-CA,en;q=0.9
authorization
Bearer 26ec935705200233b3c599d7941432f2
content-type
application/json
accept
application/json
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-referring-url
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
196
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.al.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.al.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Mon, 19 Sep 2022 17:37:08 GMT
/
r.skimresources.com/api/
160 B
379 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/126006X1587343.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
d42c2f159355038f22dcd8f0974397b82d41a4283b00e3cbb6d9705219f867a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.al.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
config.json
c.go-mpulse.net/api/
2 KB
1 KB
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=YEHML-2MP5A-4ERAH-85V5H-86WT5&d=www.al.com&t=5545363&v=1.720.0&sl=0&si=005139fb-abb2-4f97-be59-98782c3e3e40-rigwxu&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=469441
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/YEHML-2MP5A-4ERAH-85V5H-86WT5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:d:18a::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a34d4109218b5aedf3710e78d38ae499c674192337a51d3874cd10bb7646e8cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
775
baker
ead.al.com/
19 B
359 B
Image
General
Full URL
https://ead.al.com/baker?dtstmp=1663609028400
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.21.246 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-21-246.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Expires
Mon, 19 Sep 2022 17:37:08 GMT
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
publisher:getClientId
ampcid.google.ca/v1/
3 B
458 B
XHR
General
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.al.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
637 B
1 KB
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&pid=By3lsKKanFmZe&cb=0&ws=1600x1200&v=22.9.81452&t=1500&slots=%5B%7B%22sd%22%3A%22topRail-Below-Flex%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22Advance_AL_ATF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22rightRail-Top-300xFlex%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22Advance_AL_ATF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22rightRail-Bottom-300xFlex%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22Advance_AL_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22lotame%22%3A%2207e47c5f4873394acffad829716416d539385cfa799f10d050a687bc7cb26bfa%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.16.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-16-121.ord51.r.cloudfront.net
Software
Server /
Resource Hash
f2c042a1cfefc1fbe3ee13eaea8d253a3addeab87acd3836f65d2a14ee118c58
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
via
1.1 e33f9b70f44dd8480ee8341cee825b8a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD51-C2
x-amz-rid
3EAE2GTB29ZX9V8P9XS7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
637
x-amz-cf-id
0uwKXzGQWuHWDlLXef8H7bvDYm-uB1eoJePTExeS0IJHfmpSaAWR3Q==
integrator.js
adservice.google.ca/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.al.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.al.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
1 KB
683 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1565491691461689&correlator=3638011688115234&eid=31068457%2C31069634%2C31069671%2C44773130&output=ldjh&gdfp_req=1&vrg=2022091501&ptt=17&impl=fifs&iu_parts=344101295%2CAL%2Cwww.al.com%2Cnews&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=1&adks=1680044421&sfv=1-0-38&fsbs=1&fsapi=false&prev_scp=rg_adslot%3DTopRail_Sponsor%26rg_atf%3Dtrue%26rg_iab%3Dfalse%26rg_counter%3D1%26rg_gpid%3DAL-desktop-TopRail_Sponsor%26rg_pagetype%3Dcal%26rg_product%3Diabfalse&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26rg_version%3Dadv-1.1-c%26pts_pid%3Dd4aceb50-144a-40bd-a0de-822a4d4755ef%26ccaud%3Dc3035%252Cc1470%252C6158%252Call%252C9002%252C0019%252Cc2880%252Cc1055%252Cc2643%252Cc1726%252Cc2934%252C6164%252Cc0333%252Cc3649%252C6057%252C6162%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26tag%3Driver-state%26entryid%3D3VY6E76V2VCKXMBJLSKSVLT75Y%26rg_product%3Dcal%26rg_aux%3D8d5%252Cdss%252Cous%252Cdkv%252Cyht%252C28u%26rg_topic%3Dme%253Bvn%26rg_pagetype%3Dcal%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3Dcc08fb53-cf33-4392-84af-3340ef3404b3&sc=1&cookie_enabled=1&abxe=1&dt=1663609028496&lmt=1663609026&dlt=1663609026682&idt=1640&adxs=0&adys=177&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&frm=20&vis=1&psz=1600x154&msz=1600x0&fws=0&ohw=0&ga_vid=1987971981.1663609028&ga_sid=1663609029&ga_hid=2078583571&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f773c897089f0888cf419ea5dd6a745992901f361d41d41b395d6606abea4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
653
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.al.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B56E
6 KB
4 KB
Document
General
Full URL
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:37:08 GMT
expires
Tue, 19 Sep 2023 17:37:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
vtrk.doubleverify.com/
0
179 B
Ping
General
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=d4aceb50-144a-40bd-a0de-822a4d4755ef&z=167326091343&ctx=20823471&cd160=ae88f41f-79bc-48b0-a603-7fac03e9faa9&cd161=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&ea=error&cd110=unknown%20error&cmp=DV460143
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.43.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-43-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.al.com
date
Mon, 19 Sep 2022 17:37:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
pmk-202010011.3.js
widget.perfectmarket.com/advance-network/
118 KB
32 KB
Script
General
Full URL
https://widget.perfectmarket.com/advance-network/pmk-202010011.3.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/advance-network/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28e32bf626a751627f65093983897c5c069aaf05f339461965aab579378ccdb6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
RXec08sdhW3uXcwLaGYTMUIAxHyJp8Yq
content-encoding
gzip
etag
"13755874a95b2f3bcb3ed3c0784f6a20"
age
14456563
x-cache
HIT, HIT
content-length
32406
x-amz-id-2
hUqvUx0fLUrpJXSx292/0WJh6hS6YPrlo8xXfArKVln8vW3QNzgMLYj5SkmT6GAhe0MEVIrQtLM=
x-served-by
cache-lax10630-LGB, cache-yul12831-YUL
last-modified
Tue, 06 Oct 2020 12:02:08 GMT
server
AmazonS3
x-timer
S1663609029.565444,VS0,VE0
date
Mon, 19 Sep 2022 17:37:08 GMT
vary
Accept-Encoding,,
x-amz-request-id
7RJ2G5RF27GCDPG5
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
5674, 24967
onetag
assoc-na.associates-amazon.com/
64 B
381 B
XHR
General
Full URL
https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22advanceal-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html%22%7D&u=https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=77490122-7146-40e2-9e24-0b4d977bece3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.141.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
85d5ecf5f86975446a8e3f2c460c2867b0ea67a1aacad4a9946975b2821005e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:08 GMT
Server
Server
x-amz-rid
SJBZY0PJSYGZEPB92CKM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.al.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
64
json
trc.taboola.com/advance-alabama/trc/3/
53 KB
16 KB
XHR
General
Full URL
https://trc.taboola.com/advance-alabama/trc/3/json?tim=17%3A37%3A08.587&lti=deflated&data=%7B%22id%22%3A519%2C%22ii%22%3A%22%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1663605702649%2C%22vi%22%3A1663609028583%2C%22cv%22%3A%2220220919-29-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html%22%2C%22vpi%22%3A%22%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5788%2C%22nsid%22%3A%22advance-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-rr%3Apub%3Dadvance-network%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20hybrid%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20hybrid%20Thumbnails%22%2C%22cd%22%3A1066.796875%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html%2CRight%20Rail%20hybrid%20Thumbnails%3Dalternating-thumbnails-rr%3Apub%3Dadvance-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab545c5b8e6ac6f44ff82c36e6f3547eaca5504a0b547fe1cd0c27dfa50f165d

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
789
date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
server
nginx
x-timer
S1663609029.603758,VS0,VE789
x-served-by
cache-yul12830-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
get.js
buy.tinypass.com/api/v3/anon/captcha/
153 B
332 B
Script
General
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=rdx9aWSVf9
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0bf7980ca0b77aaf26a72acf3dd5f291e714c439e1fee4077d272730c43d79
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
40
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M3twgirs2wS
pragma
wn
prod-dash-10-0-93-240
last-modified
Mon, 19 Sep 2022 17:34:15 GMT
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.003
cache-control
public, max-age=1200
cf-ray
74d4166d290bca53-YUL
expires
Mon, 19 Sep 2022 17:57:08 GMT
prebid
prebid.media.net/rtb/
1 KB
871 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aff96522b5804bc7f1ed506c574fb9177677acdc47a833e2195cd14bf2f40e81

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.al.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
pbjs
htlb.casalemedia.com/openrtb/
36 B
566 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488126&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225fca14d42a4353%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22344101295%2FAL%2Fwww.al.com%2Fnews%23rightRail-Bottom-300xFlex%22%2C%22adunitcode%22%3A%22rightRail-Bottom-300xFlex%22%2C%22divId%22%3A%22rightRail-Bottom-300xFlex%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22607317ede72a95%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22488126%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22488126%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488126%22%2C%22sid%22%3A%22970x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FAL%2Fwww.al.com%2Fnews%22%2C%22gpid%22%3A%22344101295%2FAL%2Fwww.al.com%2Fnews%23topRail-Below-Flex%22%2C%22tid%22%3A%2218e2bba7-a7ba-48d2-bb26-f396cb744f3e%22%7D%2C%22bidfloor%22%3A0.28%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22917dc558f1a5dd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488123%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22488123%22%2C%22sid%22%3A%22300x600%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FAL%2Fwww.al.com%2Fnews%22%2C%22gpid%22%3A%22344101295%2FAL%2Fwww.al.com%2Fnews%23rightRail-Top-300xFlex%22%2C%22tid%22%3A%229e328be6-5be8-4e00-ada2-8c5d2a80944b%22%7D%2C%22bidfloor%22%3A0.28%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%221127e004c3ba74d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488119%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22488119%22%2C%22sid%22%3A%22300x600%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FAL%2Fwww.al.com%2Fnews%22%2C%22gpid%22%3A%22344101295%2FAL%2Fwww.al.com%2Fnews%23rightRail-Bottom-300xFlex%22%2C%22tid%22%3A%225f2d8964-3f3f-42ea-b6f9-d0f0ac5f7f89%22%7D%2C%22bidfloor%22%3A0.28%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223351a68b-6164-4422-b535-4e7decfd2881%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97d0ebd992c444d0993701cfa2032da7459012b685df3e7af1d0e5370ea3e150

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XS5qfyB%2FjUGHZbnr9II5oqgLyNgxQHcl0DsnAoVPJ%2FKDmKUJclA9miRVlJXQJ%2FvnXJOBSMMLBf9UjC3hQ42lZjiMADvhLunyndusCUSYun5gz%2Fddhx3AyGwQuPSlH%2F1SZYXbG18i"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.al.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d4166e086da1d8-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
exchange.postrelease.com/
0
652 B
XHR
General
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1133938,1133936&ntv_pas=eyIxMTMzOTM2IjpbWzMwMCwyNTBdLFszMDAsNjAwXV0sIjExMzM5MzgiOltbMzAwLDI1MF0sWzMwMCw2MDBdXSwibGVuZ3RoIjoyfQ==&ntv_ppf=eyJyaWdodFJhaWwtVG9wLTMwMHhGbGV4Ijp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjI4LCIzMDB4NjAwIjowLjI4LCIqIjowLjI4fSwiKiI6eyIqIjowLjI4LCIzMDB4MjUwIjowLjI4LCIzMDB4NjAwIjowLjI4fX0sInJpZ2h0UmFpbC1Cb3R0b20tMzAweEZsZXgiOnsiYmFubmVyIjp7IjMwMHgyNTAiOjAuMjgsIjMwMHg2MDAiOjAuMjgsIioiOjAuMjh9LCIqIjp7IioiOjAuMjgsIjMwMHgyNTAiOjAuMjgsIjMwMHg2MDAiOjAuMjh9fX0=&ntv_pb_rid=13d0e01e52ab8a5&ntv_ppc=W3siYWRVbml0Q29kZSI6InJpZ2h0UmFpbC1Ub3AtMzAweEZsZXgiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF1dfX19LHsiYWRVbml0Q29kZSI6InJpZ2h0UmFpbC1Cb3R0b20tMzAweEZsZXgiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF1dfX19XQ==&ntv_dbr=eyJyaWdodFJhaWwtVG9wLTMwMHhGbGV4IjowLCJyaWdodFJhaWwtQm90dG9tLTMwMHhGbGV4IjowfQ==&ntv_url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.243.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-243-126.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://www.al.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.al.com
date
Mon, 19 Sep 2022 17:37:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
619 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311352&zone_id=1580648%3B1580638%3B1580634&size_id=2%3B15%3B15&alt_size_ids=55%2C57%3B10%3B10&p_pos=atf%3B%3B&eid_pubcid.org=3351a68b-6164-4422-b535-4e7decfd2881%5E1&rf=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&tg_i.aupname=344101295%2FAL%2F.*%26rg_adslot%3DTopRail_Below_Flex%2Crg_platform%3Ddesktop%3B344101295%2FAL%2F.*%26rg_adslot%3DRightRail_Top%2Crg_platform%3Ddesktop%3B344101295%2FAL%2F.*%26rg_adslot%3DRightRail_Bottom%2Crg_platform%3Ddesktop&tg_i.pbadslot=344101295%2FAL%2Fwww.al.com%2Fnews%23topRail-Below-Flex%3B344101295%2FAL%2Fwww.al.com%2Fnews%23rightRail-Top-300xFlex%3B344101295%2FAL%2Fwww.al.com%2Fnews%23rightRail-Bottom-300xFlex&tk_flint=dmpbjs_v7.11.0&x_source.tid=18e2bba7-a7ba-48d2-bb26-f396cb744f3e%3B9e328be6-5be8-4e00-ada2-8c5d2a80944b%3B5f2d8964-3f3f-42ea-b6f9-d0f0ac5f7f89&l_pb_bid_id=21a7a2c0b733313%3B2223ce5080e6292%3B23a6139644fe889&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.28&rp_maxbids=1&p_gpid=344101295%2FAL%2Fwww.al.com%2Fnews%23topRail-Below-Flex%3B344101295%2FAL%2Fwww.al.com%2Fnews%23rightRail-Top-300xFlex%3B344101295%2FAL%2Fwww.al.com%2Fnews%23rightRail-Bottom-300xFlex&slots=3&rand=0.8940338348090986
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a8adf131d347231221d3dfdbdc1152820684842a436191cc75b81dc2a3faaa00

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.al.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/json
expires
Wed, 17 Sep 1975 21:32:10 GMT
1070
w698.al.com/DG/DEFAULT/rest/rpc/
110 KB
22 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A08%2B00%3A00&ts=1663609028777
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
f0fe48c6d801e92f2a828fd845c6a23669fdf39c8601a073c7dc3892f5eafe5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
21620
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
oZ6MbX_Pf-BqISPcTVyML3HvEGaDeGsxOhf19x7W_MbHivQYJkpqGQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
v2ecp9ZgQ1A6rQWVFkqvJI01l9kvhvTXNUB2E7M6wB5pjCNe-aRcxB3xOiHFR0biOAW74bNUx
satisfycork.com/
3 B
27 B
Fetch
General
Full URL
https://satisfycork.com/v2ecp9ZgQ1A6rQWVFkqvJI01l9kvhvTXNUB2E7M6wB5pjCNe-aRcxB3xOiHFR0biOAW74bNUx
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2zpfqhAPVTT5bj6h2rPC9Ozesgdp1Lzz2KRoHtItJQzd23XmjY3WKXg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:802f::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-east1
date
Mon, 19 Sep 2022 17:37:08 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
x-hostname
fen-hoothoot-us-east1-spot-2mv2
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
/
p1.parsely.com/plogger/
43 B
257 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1663609028810&plid=8587023&idsite=al.com&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&sref=&sts=1663609028802&slts=0&title=Serious+data+breach+at+Uber+spotlights+hacker+social+deception+-+al.com&date=Mon+Sep+19+2022+17%3A37%3A08+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=69583151&u=pid%3Dd86173013bffcc9c7fb0939f4e01e50a
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:08 GMT
Cache-Control
no-cache
Last-Modified
Monday, 19-Sep-2022 17:37:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2078583571&t=pageview&_s=1&dl=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&dp=%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&ul=en-us&de=UTF-8&dt=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%20-%20al.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCAC~&jid=1373118652&gjid=15788178&cid=1987971981.1663609028&tid=UA-16643585-4&_gid=418718603.1663609029&_r=1&gtm=2wg9e0WVBR3RD&cd1=undefined&cd2=undefined&cd3=serious%20data%20breach%20at%20uber%20spotlights%20hacker%20social%20deception&cd4=undefined&cd6=undefined&cd9=cc08fb53-cf33-4392-84af-3340ef3404b3&cd10=undefined&cd11=undefined&cd13=Weekday&cd14=undefined&cd15=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=al&cd21=%40river-state&cd23=3VY6E76V2VCKXMBJLSKSVLT75Y&cd25=undefined&cd28=%5Bfrank%20bajak%5D&cd29=undefined&cd30=cal&cd31=undefined&cd32=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=Apps%20and%20Software%3BDefense%20and%20Cybersecurity&cd37=news&cd38=No%20Referrer&cd39=undefined&cd40=undefined&cd43=false&cd44=undefined&cd45=undefined&cd46=cal&cd47=desktop&cd48=undefined&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd51=undefined&cd52=undefined&cd53=adv-1.1-c&cd54=News&cd55=2022-09-17T17%3A25%3A46.851Z&cd56=2022-09-17T17%3A25%3A46.851Z&cd57=organization%7Corganization%7Clocation%7Corganization%7Corganization%7Clocation%7Corganization%7Cperson%7Cperson%7Cperson&cd58=MFA%7CUber%7CAmazon%7CGoogle%7CAP%7CSan%20Francisco%7CFBI%7CCorben%20Leo%7CSam%20Curry%7CRachel%20Tobac&cd59=undefined&cd60=undefined&cd62=8d5%2Cdss%2Cous%2Cdkv%2Cyht%2C28u&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd86=undefined&cd87=adv-1.1-c&cd88=true&cd61=1987971981.1663609028&z=1229307034
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.al.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2078583571&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&dp=%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&ul=en-us&de=UTF-8&dt=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%20-%20al.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ad&ea=opportunity&el=taboola_rightrail&ev=0&_u=aDDAAEABAAQCAC~&jid=&gjid=&cid=1987971981.1663609028&tid=UA-16643585-4&_gid=418718603.1663609029&gtm=2wg9e0WVBR3RD&cd1=undefined&cd2=undefined&cd3=serious%20data%20breach%20at%20uber%20spotlights%20hacker%20social%20deception&cd4=undefined&cd6=undefined&cd9=cc08fb53-cf33-4392-84af-3340ef3404b3&cd10=undefined&cd11=undefined&cd13=Weekday&cd14=undefined&cd15=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=al&cd21=%40river-state&cd23=3VY6E76V2VCKXMBJLSKSVLT75Y&cd25=undefined&cd28=%5Bfrank%20bajak%5D&cd29=undefined&cd30=cal&cd31=undefined&cd32=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=Apps%20and%20Software%3BDefense%20and%20Cybersecurity&cd37=news&cd38=No%20Referrer&cd39=undefined&cd40=undefined&cd43=false&cd44=undefined&cd45=undefined&cd46=cal&cd47=desktop&cd48=undefined&cd50=GA%20-%20event%20call&cd51=undefined&cd52=undefined&cd53=adv-1.1-c&cd54=News&cd55=2022-09-17T17%3A25%3A46.851Z&cd56=2022-09-17T17%3A25%3A46.851Z&cd57=organization%7Corganization%7Clocation%7Corganization%7Corganization%7Clocation%7Corganization%7Cperson%7Cperson%7Cperson&cd58=MFA%7CUber%7CAmazon%7CGoogle%7CAP%7CSan%20Francisco%7CFBI%7CCorben%20Leo%7CSam%20Curry%7CRachel%20Tobac&cd59=undefined&cd60=undefined&cd62=8d5%2Cdss%2Cous%2Cdkv%2Cyht%2C28u&cd64=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd86=undefined&cd87=adv-1.1-c&cd88=true&cd61=1987971981.1663609028&cd98=undefined&z=1989032040
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 01:40:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57371
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
page
t.skimresources.com/api/v2/
22 B
43 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/126006X1587343.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.1
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.al.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
link
t.skimresources.com/api/v2/
22 B
44 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/126006X1587343.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.1
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.al.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
trk.gif
jadserve.postrelease.com/
43 B
539 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8332057&ntv_pl=1095321
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.59.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-59-39.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
539 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=ca0cc01f-7d97-4ea0-8313-9fa45c935b9c&ntv_fl=Nx69_N4dvnxIJN8OUp4UeGr4viZaUdwd5xSwcS6CgLEx6fL5fHEM68XmuIg2Azt3lkKH0qI68wkP3XVDqRq00g8h8TuZhRy1Y7-bX55Fst5bzOgOIzgJXzDEYQ6HwqQlxTNb6qwr-S-WGj0k3K7u6qiagHuH3xA3NKYifNW_NKInHVhcBOS4ylc8TG05k3iF8dUgbwpn0qNxKSub_i-qGGARJCj8CE8PlUpxy3vrzEXghCw9SY3n-O4w5giryay2YVjIooC0VxfPCeExDhSbvdx2bkHH7UQwcqY7s8g-SXDBTX1BQM7TTbT39V1bTBu1PtNpYbALYtG3JtXi9WWo5g==&ntv_ht=xKgoYwA&ntv_at=303,302&ntv_a=AAAAAAAAAAmbYQA&ord=1663609028880&ntv_it
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.59.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-59-39.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
539 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=ca0cc01f-7d97-4ea0-8313-9fa45c935b9c&ntv_fl=Nx69_N4dvnxIJN8OUp4UeGr4viZaUdwd5xSwcS6CgLEx6fL5fHEM68XmuIg2Azt3lkKH0qI68wkP3XVDqRq00g8h8TuZhRy1Y7-bX55Fst5bzOgOIzgJXzDEYQ6HwqQlxTNb6qwr-S-WGj0k3K7u6qiagHuH3xA3NKYifNW_NKInHVhcBOS4ylc8TG05k3iF8dUgbwpn0qNxKSub_i-qGGARJCj8CE8PlUpxy3vrzEXghCw9SY3n-O4w5giryay2YVjIooC0VxfPCeExDhSbvdx2bkHH7UQwcqY7s8g-SXDBTX1BQM7TTbT39V1bTBu1PtNpYbALYtG3JtXi9WWo5g==&ntv_ht=xKgoYwA&ntv_at=321,322,333&ntv_a=AAAAAAAAAAmbYQA&ntv_jlt=2393&ntv_jad=612&ntv_jte=14&ntv_it
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.59.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-59-39.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame DDD3
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
278 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6dac963ce4b6ea77a29e061f58a5e72b6e16d651dba939be7c3db8761d1fc588
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
278
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 17:37:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YM41HZ1WFA7TKJZD3DDK

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 17:37:08 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
C75H422A3YXSA7A8N6SM
otFlat.json
cdn.cookielaw.org/scripttemplates/202208.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ivRWEcgBmKISMHohZLmqHg==
age
2700
vary
Accept-Encoding
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:11 GMT
server
cloudflare
etag
0x8DA8CAC07455974
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a168caf7-001e-0134-76e2-c2311b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d4166eee9d714a-YUL
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202208.1.0/assets/
62 KB
15 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
swAgHfEDuh0iqMy2LpxrJQ==
age
2700
vary
Accept-Encoding
content-length
14749
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:12 GMT
server
cloudflare
etag
0x8DA8CAC07E21E7C
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a68a5f27-701e-0156-10e2-c276c3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d4166eeea0714a-YUL
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202208.1.0/assets/
22 KB
5 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
2700
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:26 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f487e229-601e-016b-01e2-c2c3e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
74d4166eeea2714a-YUL
12ca2e56f05505f978baf73440de9b40
w698.al.com/plugin/plugin/
137 KB
37 KB
Script
General
Full URL
https://w698.al.com/plugin/plugin/12ca2e56f05505f978baf73440de9b40
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
46a19d23cbdd940140b04292cc3892d5d5553810f7e292858447944a681e1b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 09:02:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
376485
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
37288
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 09:02:23 GMT
server
-
etag
12ca2e56f05505f978baf73440de9b40
content-type
text/javascript; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
PHL50-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
Oc93brjZvOg5XN1_7ZHzChQWG-8UeRnhfhl9w8rrr0gWFpYHQsoMXw==
expires
Fri, 15 Sep 2023 09:02:23 GMT
LB-Zone-1
w698.al.com/DG/DEFAULT/rest/rpc/1070/
351 B
986 B
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070/LB-Zone-1?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=&bctempid=84b9c698-a20f-402d-8057-95dca1f3cb50&overruleReferrer=&time=2022-09-19T17%3A37%3A08%2B00%3A00&ts=1663609028947
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
2dfc4972c0090ea6cf2a636e15e639a090c3937794c677f18394919f93456da4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
232
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
6Z3W5Flo_nsoZMoVufZxHAeAly1K8fzBLzg0g9PW3WqavVNo74wGTA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
220234266069963
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/220234266069963?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07e2931edacbc02c4b8326499da509f79145246fa660c13fd4a77954ec041f4d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86055
x-xss-protection
0
pragma
public
x-fb-debug
Kr58EzmLKyChbZ9B1MA2Drh/BFEhDCnq46UkjZ+MdrJZxTniK+i9mMXALp8UP/YJFWeR/zuPibfKV/U0AP/ezw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:37:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
324 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
55de728ef0a10936705cb99408295f6edb6fc3d2b4e7d22e35a34ecd7a07d3b2

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.al.com
date
Mon, 19 Sep 2022 17:37:08 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pixels
bcp.crwdcntrl.net/ Frame 3ACC
4 KB
4 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=958
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
51094775786b07927f377fc8e35a32c9bcb15f6ed4b6be16fd6d3bec9d79bd15

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-length
4078
content-type
text/html
date
Mon, 19 Sep 2022 17:37:09 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.36.167
collect
stats.g.doubleclick.net/j/
1 B
436 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16643585-4&cid=1987971981.1663609028&jid=1373118652&gjid=15788178&_gid=418718603.1663609029&_u=aADAAEAAAAQCAC~&z=1867636860
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Sep 2022 17:37:09 GMT
content-type
text/plain
access-control-allow-origin
https://www.al.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/
89 KB
89 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/FormLogo.jpg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:37:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/VgjLzERih8MeSo4vme4Lw==
age
8588
vary
Accept-Encoding
content-length
90639
x-ms-lease-status
unlocked
last-modified
Tue, 15 Dec 2020 19:27:11 GMT
server
cloudflare
etag
0x8D8A12F6B751639
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
1940a327-701e-0119-116f-c4b2db000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d4166fbd85ca4f-YUL
cf-bgj
h2pri
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LpuayL42jB78xRllx0vkOw==
age
8579
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 18:22:23 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
bb108369-501e-012c-1937-c91c8e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
74d4166fbd89ca4f-YUL
d21154f6c19aa46b3b1216e31b7d6518
w698.al.com/plugin/library/
317 KB
100 KB
Script
General
Full URL
https://w698.al.com/plugin/library/d21154f6c19aa46b3b1216e31b7d6518
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
3726d39b1bcfeb1aa9dd9b3410560a00766b20c6eb74c891aac555cee7e66af1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 16:42:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
2249705
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
102117
x-xss-protection
1; mode=block
last-modified
Tue, 23 Aug 2022 16:42:04 GMT
server
-
etag
d21154f6c19aa46b3b1216e31b7d6518
content-type
text/javascript; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
PHL50-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
hGZ18eYaxirluVgToHl4l3jt03WGTJ2xqVBggaSRImeDdkqaRNVJmg==
expires
Thu, 24 Aug 2023 16:42:04 GMT
LB-Zone-1
w698.al.com/DG/DEFAULT/rest/rpc/1070/
4 KB
2 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070/LB-Zone-1?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=&bctempid=84b9c698-a20f-402d-8057-95dca1f3cb50&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029079
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
e852f50e9d2ce9f2878052a1cb025e9ceabf069ce8af6cbedbac0710f0e3732a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1354
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
cUJcm_9xU-eT0010Huceoz6tphUvNwklt5oQvfBg7qc3sqr32UVrww==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/
44 B
409 B
Image
General
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&rl=&if=false&ts=1663609029120&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663609029118.1055637007&it=1663609028164&coo=false&rqm=GET
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:37:09 GMT
/
www.facebook.com/tr/
44 B
214 B
Image
General
Full URL
https://www.facebook.com/tr/?id=220234266069963&ev=PageView&dl=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&rl=&if=false&ts=1663609029122&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663609029118.1055637007&it=1663609028164&coo=false&rqm=GET
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:37:09 GMT
/
www.facebook.com/tr/
44 B
213 B
Image
General
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&rl=&if=false&ts=1663609029123&cd[article_content_tier]=metered&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=3VY6E76V2VCKXMBJLSKSVLT75Y&cd[content_type]=cal&cd[content_category]=News&cd[content_name]=serious%20data%20breach%20at%20uber%20spotlights%20hacker%20social%20deception&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663609029118.1055637007&it=1663609028164&coo=false&tm=1&rqm=GET
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:37:09 GMT
/
www.facebook.com/tr/
44 B
214 B
Image
General
Full URL
https://www.facebook.com/tr/?id=220234266069963&ev=ViewContent&dl=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&rl=&if=false&ts=1663609029124&cd[article_content_tier]=metered&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=3VY6E76V2VCKXMBJLSKSVLT75Y&cd[content_type]=cal&cd[content_category]=News&cd[content_name]=serious%20data%20breach%20at%20uber%20spotlights%20hacker%20social%20deception&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663609029118.1055637007&it=1663609028164&coo=false&tm=1&rqm=GET
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:37:09 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3416866980725250136/gdpr=/ Frame 3ACC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1040
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1040
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3416866980725250136/gdpr=/gdpr_consent=
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3416866980725250136/gdpr=/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.44.71
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
nginx
location
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3416866980725250136/gdpr=/gdpr_consent=
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
qmap
sync.crwdcntrl.net/ Frame 3ACC
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.6.47
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=0
date
Mon, 19 Sep 2022 17:37:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
insync
thrtle.com/ Frame 3ACC
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=9f0f2299617d4ba9f43b8a63b40f400f
  • https://thrtle.com/insync?gdpr=0&vxii_pdid=9f0f2299617d4ba9f43b8a63b40f400f&vxii_pid=12&vxii_pid1=10014&vxii_rcid=10692042-0ce0-41dc-8cca-e27e0da5898f
43 B
348 B
Image
General
Full URL
https://thrtle.com/insync?gdpr=0&vxii_pdid=9f0f2299617d4ba9f43b8a63b40f400f&vxii_pid=12&vxii_pid1=10014&vxii_rcid=10692042-0ce0-41dc-8cca-e27e0da5898f
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Server
18.233.202.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-202-251.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
server
p3p
CP="NOI OUR BUS UNI COM NAV"
content-length
43
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&vxii_pdid=9f0f2299617d4ba9f43b8a63b40f400f&vxii_pid=12&vxii_pid1=10014&vxii_rcid=10692042-0ce0-41dc-8cca-e27e0da5898f
date
Mon, 19 Sep 2022 17:37:09 GMT
server
content-type
text/html; charset=utf-8
content-length
189
strict-transport-security
max-age=63072000; includeSubDomains
p3p
CP="NOI OUR BUS UNI COM NAV"
tpid=EFC64CBD0BF84FEF9BA13C033C226E52
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame 3ACC
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EFC64CBD0BF84FEF9BA13C033C226E52
49 B
265 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EFC64CBD0BF84FEF9BA13C033C226E52
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.33.155
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Mon, 19 Sep 2022 17:37:09 GMT
x-content-type-options
nosniff
server
openresty
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EFC64CBD0BF84FEF9BA13C033C226E52
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 18 Sep 2022 17:37:09 GMT
41715
i6.liadm.com/s/ Frame 3ACC
Redirect Chain
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9f0f2299617d4ba9f43b8a63b40f400f
  • https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9f0f2299617d4ba9f43b8a63b40f400f
43 B
419 B
Image
General
Full URL
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9f0f2299617d4ba9f43b8a63b40f400f
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:be9:db47:5744:e7ff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:09 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9f0f2299617d4ba9f43b8a63b40f400f
Date
Mon, 19 Sep 2022 17:37:09 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=53ce5430-0132-4e50-8142-31f223e51f5c/gdpr=0/ Frame 3ACC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=53ce5430-0132-4e50-8142-31f223e51f5c/gdpr=0/gdpr_consent=
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=53ce5430-0132-4e50-8142-31f223e51f5c/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.8.176
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=53ce5430-0132-4e50-8142-31f223e51f5c/gdpr=0/gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
249
usync.php
sync.jivox.com/tags/sync/ Frame 3ACC
0
0
Image
General
Full URL
https://sync.jivox.com/tags/sync/usync.php?px=1utAfZ8i
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.145.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-145-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

/
loadus.exelator.com/load/ Frame 3ACC
0
324 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=204&g=260&buid=9f0f2299617d4ba9f43b8a63b40f400f&j=0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-197-56.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
gdpr=0
sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=a1c47631-f2e3-488b-a302-ab8beb2bf768/ Frame 3ACC
Redirect Chain
  • https://jadserve.postrelease.com/dmp/5?vk=9f0f2299617d4ba9f43b8a63b40f400f/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=a1c47631-f2e3-488b-a302-ab8beb2bf768/gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=a1c47631-f2e3-488b-a302-ab8beb2bf768/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.36.186
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
nginx/1.12.1
location
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=a1c47631-f2e3-488b-a302-ab8beb2bf768/gdpr=0
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
lotame
sync.sharethis.com/ Frame 3ACC
42 B
549 B
Image
General
Full URL
https://sync.sharethis.com/lotame?uid=9f0f2299617d4ba9f43b8a63b40f400f&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.32.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-32-50.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Mon, 19 Sep 2022 17:37:09 GMT
Content-Length
42
Stid
ZHgACWMoqMUAAAAJDZ0CAw==
Content-Type
image/gif
usermatch.gif
beacon.krxd.net/ Frame 3ACC
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=9f0f2299617d4ba9f43b8a63b40f400f
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.122.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-122-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1663609029
x-served-by
beacon-n031-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
image.sbxx
ib.mookie1.com/ Frame 3ACC
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=9f0f2299617d4ba9f43b8a63b40f400f
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=9f0f2299617d4ba9f43b8a63b40f400f
120 B
992 B
Image
General
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=9f0f2299617d4ba9f43b8a63b40f400f
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
HTTP/1.1
Server
64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS12
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Mon, 19 Sep 2022 17:37:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=9f0f2299617d4ba9f43b8a63b40f400f
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
NY14
Content-Type
text/html; charset=utf-8
Content-Length
217
qmap
sync.crwdcntrl.net/ Frame 3ACC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183715&gdpr=0&cb=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D6725%26tp%3DINDX%26gdpr%3D0%26tpid%3D__UID__
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D6725%26tp%3DINDX%26gdpr%3D0%26tpid%3D__UID__&gdpr=0&s=183715&C=1
  • https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&gdpr=0&tpid=YyioxYRn5thDcSzcHKUNIQAA%26014
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&gdpr=0&tpid=YyioxYRn5thDcSzcHKUNIQAA%26014
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.33.242
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woeJ1wNzhMnDkD6UalkoC1XAxBZvh%2FrxAjQFL810JgHUxNvdl1z3aKadTTPPmQT%2BR4EuwVk0HGF%2BAGk0M2rdSiY68R3AEtoWKJXbgbQEjQ3GQzvtCP6I4wTduppegisszVo%2Bkr9IGgPOng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&gdpr=0&tpid=YyioxYRn5thDcSzcHKUNIQAA%26014
cache-control
no-cache
cf-ray
74d416724f56a20a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
utsync.ashx
ml314.com/ Frame 3ACC
43 B
403 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=9f0f2299617d4ba9f43b8a63b40f400f&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:08 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Tue, 20 Sep 2022 13:37:09 GMT
gdpr=0
sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=a25491b2-e2b2-4fc9-8d7c-8a131e8cc76c/ Frame 3ACC
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D194%2Ftp%3DOPNX%2Ftpid%3D%7BOPENX_ID%7D%2Fgdpr%3D0
  • https://u.openx.net/w/1.0/cm?cc=1&id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D194%2Ftp%3DOPNX%2Ftpid%3D%7BOPENX_ID%7D%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=a25491b2-e2b2-4fc9-8d7c-8a131e8cc76c/gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=a25491b2-e2b2-4fc9-8d7c-8a131e8cc76c/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.37.73
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=a25491b2-e2b2-4fc9-8d7c-8a131e8cc76c/gdpr=0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
gdpr_consent=
sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-58cdf5b5-bd04-449a-6bde-b09e647c1e45$ip$149.56.153.181&gdpr=0/ Frame 3ACC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-58cdf5b5-bd04-449a-6bde-b09e647c1e45$ip$149.56.153.181&gdpr=0/gdpr_consent=
0
132 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-58cdf5b5-bd04-449a-6bde-b09e647c1e45$ip$149.56.153.181&gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
cache-control
must-revalidate,no-cache,no-store
last-modified
Tue, 13 Sep 2022 18:17:16 GMT
accept-ranges
bytes
content-length
0
content-type
text/html

Redirect headers

Location
https://sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-58cdf5b5-bd04-449a-6bde-b09e647c1e45$ip$149.56.153.181&gdpr=0/gdpr_consent=
Date
Mon, 19 Sep 2022 17:37:09 GMT
Connection
keep-alive
Content-Length
156
Content-Type
text/html; charset=utf-8
token
token.rubiconproject.com/ Frame 3ACC
0
460 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=7&puid=9f0f2299617d4ba9f43b8a63b40f400f&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
adsct
analytics.twitter.com/i/ Frame 3ACC
43 B
354 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=9f0f2299617d4ba9f43b8a63b40f400f&p_id=63258
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
6
date
Mon, 19 Sep 2022 17:37:09 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
f993be63ef3debe67241005ad2723b6f79cb850fadcf1b130693ebcbebd8b1bb
content-length
43
bsTd8NdE
sync-tm.everesttech.net/upi/pid/ Frame 3ACC
0
178 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663609029.471308,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-yul12828-YUL
pixel
cm.g.doubleclick.net/ Frame 3ACC
170 B
502 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=OWYwZjIyOTk2MTdkNGJhOWY0M2I4YTYzYjQwZjQwMGY&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
382416.gif
idsync.rlcdn.com/ Frame 3ACC
42 B
450 B
Image
General
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=9f0f2299617d4ba9f43b8a63b40f400f&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:09 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
5907
tags.bluekai.com/site/ Frame 3ACC
62 B
450 B
Image
General
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=479593342135d2ae26236614a042bd8e
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
g.json
aa.agkn.com/adscores/ Frame 3ACC
103 B
722 B
Script
General
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-100.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
via
1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
103
x-amz-cf-id
ZvgeAF_u5yArBKTxIZJ3Pv-lmxlEkTrQ1LRxgwxHOGw375w29hI2xg==
expires
0
rand=884623553
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2310414087477230896/gdpr=0/ Frame 3ACC
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=884623553
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2310414087477230896/gdpr=0/rand=884623553
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2310414087477230896/gdpr=0/rand=884623553
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.34.90
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:09 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
de0d8843-da3c-4c75-bac8-9ed932c10bea
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2310414087477230896/gdpr=0/rand=884623553
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tr
www.facebook.com/ Frame 3ACC
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr?id=699477260652635&ev=LotameAudienceID_313999&noscript=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 19 Sep 2022 17:37:09 GMT
tr
www.facebook.com/ Frame 3ACC
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr?id=160756804798086&ev=LotameAudienceID%20-%2014903&noscript=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=145%2C136%2C125%2C123%2C122%2C116%2C107%2C100%2C86%2C81%2C80%2C78%2C67%2C61%2C58%2C54%2C31%2C27%2C26%2C22%2C14%2C12%2C8%2C2&b=97748%2C1597818%2C1051426&c=958
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 19 Sep 2022 17:37:09 GMT
integrator.js
adservice.google.ca/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.al.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.al.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
184 KB
48 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1565491691461689&correlator=3638011688115234&eid=31068457%2C31069634%2C31069671%2C44773130%2C44767022&output=ldjh&gdfp_req=1&vrg=2022091501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CAL%2Cwww.al.com%2Cnews&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90%2C320x50%7C300x250%7C300x600%7C300x1050%2C320x50%7C300x250%7C300x600&fluid=0%2Cheight%2Cheight&ifi=2&adks=443498825%2C1931124181%2C2620817189&sfv=1-0-38&fsbs=1%2C1%2C1&fsapi=false&prev_scp=rg_adslot%3DTopRail_Below_Flex%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_counter%3D1%26rg_pr-pl-as%3Dcal%257Cdesktop%257CTopRail_Below_Flex%26rg_pr-pl%3Dcal%257Cdesktop%26rg_gpid%3DAL-desktop-TopRail_Below_Flex%26rg_a9%3DAdvance_AL_ATF_DESKTOP%26rg_pagetype%3Dcal%26rg_product%3Dcal%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_AL_ATF_DESKTOP_2%26rg_gpid-tam%3DAL-desktop-TopRail_Below_Flex-2%7Crg_adslot%3DRightRail_Top%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_counter%3D1%26rg_pr-pl-as%3Dcal%257Cdesktop%257CRightRail_Top%26rg_pr-pl%3Dcal%257Cdesktop%26rg_gpid%3DAL-desktop-RightRail_Top%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dcal%257Cdesktop%257CRightRail_Top%257C0%26rg_a9%3DAdvance_AL_ATF_DESKTOP%26rg_pagetype%3Dcal%26rg_product%3Dcal%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_AL_ATF_DESKTOP_2%26rg_gpid-tam%3DAL-desktop-RightRail_Top-2%7Crg_adslot%3DRightRail_Bottom%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_counter%3D1%26rg_pr-pl-as%3Dcal%257Cdesktop%257CRightRail_Bottom%26rg_pr-pl%3Dcal%257Cdesktop%26rg_gpid%3DAL-desktop-RightRail_Bottom%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dcal%257Cdesktop%257CRightRail_Bottom%257C0%26rg_a9%3DAdvance_AL_BTF_DESKTOP%26rg_pagetype%3Dcal%26rg_product%3Dcal%26amznbid%3Daf5udc%26amznp%3D1vsbw8w%26rg_a9b%3DAdvance_AL_BTF_DESKTOP_1vsbw8w%26rg_gpid-tam%3DAL-desktop-RightRail_Bottom-1vsbw8w%26amzniid%3DJEi-D4sWwbHhHIHmkwa00acAAAGDVtNAPAEAAAxqAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICBXH_6P%26amznsz%3D300x600&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26rg_version%3Dadv-1.1-c%26pts_pid%3Dd4aceb50-144a-40bd-a0de-822a4d4755ef%26ccaud%3Dc3035%252Cc1470%252C6158%252Call%252C9002%252C0019%252Cc2880%252Cc1055%252Cc2643%252Cc1726%252Cc2934%252C6164%252Cc0333%252Cc3649%252C6057%252C6162%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26tag%3Driver-state%26entryid%3D3VY6E76V2VCKXMBJLSKSVLT75Y%26rg_product%3Dcal%26rg_aux%3D8d5%252Cdss%252Cous%252Cdkv%252Cyht%252C28u%26rg_topic%3Dme%253Bvn%26rg_pagetype%3Dcal%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3Dcc08fb53-cf33-4392-84af-3340ef3404b3&sc=1&cookie=ID%3Dcae86cc899356688-22da186240d700b2%3AT%3D1663609028%3AS%3DALNI_MZ2CX07EPN_bwWfcOtAH1iPoRQ2ug&gpic=UID%3D0000086520311728%3AT%3D1663609028%3ART%3D1663609028%3AS%3DALNI_MbRPqga9S5PJZR5JgSIjm2aidk6rQ&abxe=1&dt=1663609029185&lmt=1663609026&dlt=1663609026682&idt=1640&adxs=436%2C975%2C975&adys=89%2C491%2C1091&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&frm=20&vis=1&psz=1600x154%7C300x600%7C300x5048&msz=728x24%7C300x274%7C300x274&fws=0%2C512%2C512&ohw=0%2C0%2C0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1987971981.1663609028&ga_sid=1663609029&ga_hid=2078583571&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91e8ce36ff6f8b9ecfeaff959610c7f03f9b32dd1517340f7727be4986d2616e
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN2R8MmyofoCFfKq0QQdCawEXw&gqi=&layout=/sadbundle/%24csp%253Der3%24/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN2R8MmyofoCFfKq0QQdCawEXw&gqi=&layout=/sadbundle/%24csp%253Der3%24/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
google-creative-id
-1,138386336931,138224706452
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49161
x-xss-protection
0
google-lineitem-id
-1,1719447535,1731081415
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Mon, 19 Sep 2022 17:37:09 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.al.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame D6FA
707 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0a34dcd7cbaa24d992747e892bcc51988d562ae429a280f8da1503ff9e621c57
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_an-db5&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
707
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 17:37:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
EYHWQC6609R0PPP9XYPZ
cs
advancelocal.blueconic.net/DG/DEFAULT/
67 B
859 B
Script
General
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&&callback=bc_json1072
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.24.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-24-35.compute-1.amazonaws.com
Software
- /
Resource Hash
05fe9ef5605db74a3f627817b106f97567854f3f9166e319d161b6cc07faf0b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
87
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
1070
w698.al.com/DG/DEFAULT/rest/rpc/
8 KB
4 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029252
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
737b3dff4e1d012ac07b675127dccc918db4b2d6a2a437b6aa200308ce1ec62c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
3501
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
SpKbDdXT7esXG6r7wPzCO21jOii5Z5U40e1lgMULPVi56LdWdi6nrg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
predict
w698.al.com/rest/custom/frontend/listener_realtime_model/
2 B
894 B
XHR
General
Full URL
https://w698.al.com/rest/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=84b9c698-a20f-402d-8057-95dca1f3cb50
Requested by
Host: w698.al.com
URL: https://w698.al.com/plugin/plugin/12ca2e56f05505f978baf73440de9b40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.al.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
RC7LQBrC3TEU6gaJhBFwJtXMbPL7FA_LVXs1HRZ-SxFPGxhjid6IKA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.al.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1070
w698.al.com/DG/DEFAULT/rest/rpc/
359 B
1 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029307
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
e912691f2bc0f133baae0e605409b7725064b2ec67f12bc9f28b855aaf1ae59e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
173
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
iRlTm91KX-25vbiaG6NSDhQ9wII0cSRh7hwaugDnIcuI3XfFOZAhfw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1070
w698.al.com/DG/DEFAULT/rest/rpc/
180 B
1 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029308
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
8bce90ce30ffdbfd46d7e312568f2ef45f07eab771f3da3af7e9f7581efbdd66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
wC-QgjNg9rWgPbwcr7p0qto9jJL8a7zCZWBykK2z8joUgpfd9lErlw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1070
w698.al.com/DG/DEFAULT/rest/rpc/
180 B
1 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029337
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
a82ed5ce69e65c85c0e27666b8cb4755e06df6c363ae0ba064694e7a81b99b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
RUNLREwlubBqcEP4gy_oE0Q5Ww5Z55uqLpdwVk11lcMFmz_8upCtiA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1070
w698.al.com/DG/DEFAULT/rest/rpc/
180 B
1 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029339
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
fa38bb1bd6c346951062e5ed2f672b21d3d775a339db5cee184697d7bd291879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
XSMhTRFTyT7nANpRfwMnjj6XbKWPOscjc5PtL5OmuV1mFxw7coVgrQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1070
w698.al.com/DG/DEFAULT/rest/rpc/
180 B
1 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029342
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
c9293ae39a355ccc052e73da431639f1cbd6fd164eec2a43a04cb0d897c6ae7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
dtN8vr45yH6w_-bNrCKsXHO7PHP3uM_nktz-_flXtv2CVnsMhxpyEA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1070
w698.al.com/DG/DEFAULT/rest/rpc/
180 B
1 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029344
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
7ef23a88a7396ff51bd751ad5b265aad833bf75c8b1e54c7b8b78de88736f82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
stYGuhCcmv9rOSrpfLEi9mL5J4OubqopviHi4u3ws0LaRA9v6RtXAw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1070
w698.al.com/DG/DEFAULT/rest/rpc/
180 B
1 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029345
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
9a1d7ca4cd54d0ec453368215654d04f57e4a35f90eaaebfdb81a81cc6cdc682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
xeKjJ6p3GryIYfw7NXtPTRolzm38cEPQ9wjo7f0igulq4-9ZWAiuOw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
392.json
id5-sync.com/g/v2/
457 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
5287fc6acf59b0fddf540e4b3e2221c82e69ef6aa51d14d884f654a3e7d9687a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
1070
w698.al.com/DG/DEFAULT/rest/rpc/
26 KB
5 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029359
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
9e99f8d7027a12fc0b1e599bed03a6754c12254b1d36b17c15582d58d07bdeea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4344
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
w07DlIhanUwvCFPQBNAQSM0oSdWGS_zEmSisDgHYNqGSFutO2QIYkg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame DDE5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=2310414087477230896&ex=appnexus.com
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=2310414087477230896&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 17:37:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CRXKBMA8BCD7MF5K8YBE

Redirect headers

AN-X-Request-Uuid
d639f711-bbe2-4ffa-a687-8491fa2d0d2f
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Sep 2022 17:37:09 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=2310414087477230896&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9A08
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=an-db5_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=120047
content-encoding
gzip
content-length
5549
content-type
text/html
date
Mon, 19 Sep 2022 17:37:09 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 21 Sep 2022 02:57:56 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
1070
w698.al.com/DG/DEFAULT/rest/rpc/
9 KB
5 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029374
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
124b819299b0df6676239cf3b7b4d1c29db6b27c002085c661ccca42b8284148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4104
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
xQxKIAZWblIn4MQmbm0aUBki3BWAOzqDbNyiSGvkM109vF-xJezBoQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
UnitInlineDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.5/
103 KB
30 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/3.9.5/UnitInlineDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a4f61c9ae69cb46413ae64e28ff1880a5230cb8f6941593f508026ec9cea3b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
via
1.1 e4d959ba5c709b88eb04934bd0d1eeea.cloudfront.net (CloudFront), 1.1 varnish
age
548841
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
30131
x-served-by
cache-yul12830-YUL
last-modified
Tue, 13 Sep 2022 09:04:05 GMT
server
AmazonS3
x-timer
S1663609029.449451,VS0,VE0
etag
"75f645147b83895f6a3edf394ea1da6b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
6DbpDxXDSYI7PRiy2AR3VPofgaqp-UZWyiYdj1Wrw_nOOp2URbyCWg==
x-cache-hits
4269
userx.20220919-29-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20220919-29-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/advance-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f36fa0a282c376f2979a7958b50bf9dec790f9d18ad9071f99401b6abeabb81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
V8F1.rIL_VdJog_Dpk1nrZhqVIeqiYyb
content-encoding
gzip
etag
"a2de6bb2cdeb556a13b6aede27212c0f"
age
602
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
v62Ko7PgX6VQrSnTCRO9OhDzfzdMk3uB+rVGP89c8T/TOryZ1LrJKoUQrxTkiOEORGVJGXjrsg8=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 19 Sep 2022 17:27:05 GMT
server
AmazonS3
x-timer
S1663609029.445997,VS0,VE0
date
Mon, 19 Sep 2022 17:37:09 GMT
vary
Accept-Encoding
x-amz-request-id
GHH7F5VB46KP5KDK
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
94
x-cache-hits
567
social
us-trc-events.taboola.com/advance-alabama/log/3/
0
363 B
Image
General
Full URL
https://us-trc-events.taboola.com/advance-alabama/log/3/social?route=US:US:V&lti=deflated&ri=ab989c91286cf9955134073e2239b878&sd=v2_e72171cec3b98397967cc9197a87976c_271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44_1663609028_1663609028_CNawjgYQof0-GOf_zLa1MCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGiOuMvY8NrPu1twAQ&ui=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&pi=/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html&wi=-6197868112463423029&pt=text&vi=1663609028583&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%22%2C%22sec%22%3A%22News%22%2C%22aut%22%3A%5B%22Frank%20Bajak%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.al.com%2Fresizer%2Fg5Hz9z9fiRpQ71sapoT73dbnY8U%3D%2F1280x0%2Fsmart%2Fcloudfront-us-east-1.images.arcpublishing.com%2Fadvancelocal%2F6AE7CJA7ARHS5E3H2SPGBIOCWQ.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=17%3A37%3A09.426&id=2746&llvl=2&cv=20220919-29-RELEASE&
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
arctic_alaska_DJP9JE.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.wired.com/photos/62ffc44e2af3e19bf28d489a/191%3A100/w_1280%2Cc_limit/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.wired.com/photos/62ffc44e2af3e19bf28d489a/191%3A100/w_1280%2Cc_limit/arctic_alaska_DJP9JE.jpg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9688dec5de3e7b5f21abb3b9c0271f92664db4b056cb6d814dad158e3f1e2d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 19 Sep 2022 17:37:09 GMT
via
1.1 varnish, 1.1 varnish
age
2090286
edge-cache-tag
412624518251722522671556179829186733577,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
412624518251722522671556179829186733577,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
33
x-cache
MISS, MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.wired.com/photos/62ffc44e2af3e19bf28d489a/191%3A100/w_1280%2Cc_limit/arctic_alaska_DJP9JE.jpg
content-length
9610
x-request-id
91eb84f6bb3a8282ea4bb988aa2016b7
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Wed, 24 Aug 2022 14:46:42 GMT
server
nginx
x-timer
S1663609030.503341,VS0,VE0
etag
"4dcb389e2a05c2d8001ddf26d4a98bc9"
x-served-by
cache-iad-kcgs7200115-IAD, cache-iad-kjyo7100092-IAD, cache-sna10741-LGB, cache-iad-kcgs7200144-IAD, cache-yul12830-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 2
ONFKBVNGWNCWXG4U7XYBEZXLY4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.al.com/resizer/hAVSLoK4wHL4wpLLY_8KSOfmQxw%3D/1280x0/smart/cloudfront-us-east...
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.al.com/resizer/hAVSLoK4wHL4wpLLY_8KSOfmQxw%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ONFKBVNGWNCWXG4U7XYBEZXLY4.jpg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
354873c8eaa9c04ce127a061a22c51a0172f7bc380e07660286149fe5b046c30

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 17:37:09 GMT
via
1.1 varnish, 1.1 varnish
age
4163433
edge-cache-tag
366302492345359052071231892871868888554,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
366302492345359052071231892871868888554,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
77
expiration
expiry-date="Fri, 19 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.al.com/resizer/hAVSLoK4wHL4wpLLY_8KSOfmQxw%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ONFKBVNGWNCWXG4U7XYBEZXLY4.jpg
content-length
7192
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 19 Jul 2022 11:19:23 GMT
server
nginx
x-timer
S1663609030.503276,VS0,VE1
etag
"5ad8799b622b68da68aaf0eb51f04daa"
x-served-by
cache-iad-kiad7000044-IAD, cache-iad-kjyo7100096-IAD, cache-chi-klot8100163-CHI, cache-iad-kiad7000139-IAD, cache-yul12830-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 1
3cdd6d7be271fb42d12818bcce49f4ec.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cdd6d7be271fb42d12818bcce49f4ec.jpg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e53ec0344a2533c41a45b1a97bbd44c678ff5deb7c18229343035f0ece08081

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 17:37:09 GMT
via
1.1 varnish, 1.1 varnish
age
615579
edge-cache-tag
431889369545671908098194092452124528758,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
431889369545671908098194092452124528758,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
365
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cdd6d7be271fb42d12818bcce49f4ec.jpg
content-length
4326
x-request-id
c4094dc3575d7aaf4c9d8ffcaf5b1f2c
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Wed, 17 Aug 2022 10:20:21 GMT
server
nginx
x-timer
S1663609030.506401,VS0,VE1
etag
"af1ceb3aa7812dcafda34283aa84d584"
x-served-by
cache-iad-kcgs7200048-IAD, cache-iad-kjyo7100165-IAD, cache-lax10683-LGB, cache-iad-kjyo7100144-IAD, cache-yul12830-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
JI5GSQPGRNB2LCO3J5QKLUGRZI.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.al.com/resizer/08DaoubrxBFGIKZLUAjxJM8y8uQ%3D/1280x0/smart/cloudfront-us-east...
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.al.com/resizer/08DaoubrxBFGIKZLUAjxJM8y8uQ%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/JI5GSQPGRNB2LCO3J5QKLUGRZI.jpg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
804ccd65d9ec917feb0a7f17dcb7ebfb533059124236c050063699afcc75f249

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
16
date
Mon, 19 Sep 2022 17:37:09 GMT
via
1.1 varnish, 1.1 varnish
age
4258
edge-cache-tag
331838348964292442330508098915164693870,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
331838348964292442330508098915164693870,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
752
req-referer
https://www.al.com/auburnfootball/2022/09/report-auburns-bryan-harsin-a-name-to-watch-for-arizona-state-job.html
x-cache
MISS, MISS, MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.al.com/resizer/08DaoubrxBFGIKZLUAjxJM8y8uQ%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/JI5GSQPGRNB2LCO3J5QKLUGRZI.jpg
content-length
8080
x-request-id
567a39f5d5617d1098bbb76b837feca2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 08 Sep 2022 11:26:39 GMT
server
nginx
x-timer
S1663609030.512321,VS0,VE16
etag
"c65e5b091043b157b1035638613b7fc6"
x-served-by
cache-iad-kiad7000051-IAD, cache-iad-kcgs7200113-IAD, cache-lga21980-LGA, cache-iad-kjyo7100076-IAD, cache-yul12830-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 0
7316cfa96225e888579d3d744ec2882d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7316cfa96225e888579d3d744ec2882d.jpg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
73312a1a2b5d89ad5acca3c399a6d7be5d7261fb408bcaf168e7b54b5eded8c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 17:37:09 GMT
via
1.1 varnish, 1.1 varnish
age
3376155
edge-cache-tag
359161687306764903680727215955728573633,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
359161687306764903680727215955728573633,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
215
x-cache
HIT, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7316cfa96225e888579d3d744ec2882d.jpg
content-length
7614
x-request-id
e5b6b1dda7434020a6b5d7cc58672bdc
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 09 Aug 2022 08:00:34 GMT
server
nginx
x-timer
S1663609030.512408,VS0,VE1
etag
"2a4807a4c19bd5196860b61b10460dc2"
x-served-by
cache-iad-kiad7000105-IAD, cache-iad-kiad7000037-IAD, cache-bur-kbur8200053-BUR, cache-iad-kiad7000153-IAD, cache-yul12830-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 1, 1
JTQYEZ72KNCXDN35W2AQ4SFDTA.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.al.com/resizer/7TFhRiPHQHYNac1M0MSB6vcF40Q%3D/1280x0/smart/cloudfront-us-east...
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.al.com/resizer/7TFhRiPHQHYNac1M0MSB6vcF40Q%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/JTQYEZ72KNCXDN35W2AQ4SFDTA.jpg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
786021d91f4c127b5ba8cc1414b7cb56fd18cf8c727661e61f788f4238264b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 17:37:09 GMT
via
1.1 varnish, 1.1 varnish
age
3967255
edge-cache-tag
539873186097894141668470398320807508954,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
cache-tag
539873186097894141668470398320807508954,323549823807620650528679431302742554985,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
475
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.al.com/resizer/7TFhRiPHQHYNac1M0MSB6vcF40Q%3D/1280x0/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/JTQYEZ72KNCXDN35W2AQ4SFDTA.jpg
content-length
3958
x-request-id
e6f6fd503a7d5f372f3993bed762df9a
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Wed, 03 Aug 2022 01:21:25 GMT
server
nginx
x-timer
S1663609030.512547,VS0,VE1
etag
"91e67b29f37273dc404fe73b4fc7050b"
x-served-by
cache-iad-kcgs7200133-IAD, cache-iad-kiad7000171-IAD, cache-sna10738-LGB, cache-iad-kiad7000088-IAD, cache-yul12830-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
3720
idx.liadm.com/idex/prebid/
0
310 B
XHR
General
Full URL
https://idx.liadm.com/idex/prebid/3720?duid=8810293dbf02--01gdbd6f7b1z1pg4zmdesbxzja
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.63.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-63-36.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.al.com
date
Mon, 19 Sep 2022 17:37:09 GMT
request-time
4
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
4033a16506732495
vary
Origin
access-control-allow-credentials
true
ykdize2xx5otxppcxnoe.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1643042160/
294 KB
294 KB
Media
General
Full URL
https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1643042160/ykdize2xx5otxppcxnoe.mp4
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56a2e94108ef62eb2a1545eeacb7118f916db6e61fe546849c4952d3a1490ff0

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
_t5iWaDgeIiGE4TRG2UqCtnEYYa.Jv2J
via
1.1 varnish
etag
"fd8863d6d6faaa788b803e4ca2c34815"
age
88
x-cache
HIT
Content-Range
bytes 0-300603/300604
x-amz-replication-status
COMPLETED
Content-Length
300604
x-amz-id-2
abIUYySlzvcADjlOqiFOUvGLgyytvvELoC2+64gCw7SsFJN7NrBOdftBq239hhN1DxMELywF/9M=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 24 Jan 2022 16:36:08 GMT
server
AmazonS3
x-timer
S1663609030.530989,VS0,VE1
date
Mon, 19 Sep 2022 17:37:09 GMT
x-amz-request-id
5169X2P5CRRHTWHV
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
94
x-cache-hits
0
1070
w698.al.com/DG/DEFAULT/rest/rpc/
180 B
1 KB
XHR
General
Full URL
https://w698.al.com/DG/DEFAULT/rest/rpc/1070?referer=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&bcsessionid=84b9c698-a20f-402d-8057-95dca1f3cb50&bctempid=&overruleReferrer=&time=2022-09-19T17%3A37%3A09%2B00%3A00&ts=1663609029645
Requested by
Host: w698.al.com
URL: https://w698.al.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-76.phl50.r.cloudfront.net
Software
- /
Resource Hash
843d07622f51a846646b3bf4c8868d88a391d8340a8be1c6944c01e0c124f0c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
162
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.al.com
server
-
content-type
application/json; charset=utf-8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
YYqCtskHNMC4FFYNviomvMJGAXDrCCtQeM4MX7_KB3JNHrYnSEYlwg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
execute
c2.piano.io/xbuilder/experience/
3 KB
2 KB
XHR
General
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=rdx9aWSVf9
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b9854034308c6360e1cebb969322af9baf1073dda358a94b73426f157f46fd1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
br
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
vnwt1r3xca
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.al.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
74d41673ba037157-YUL
PugMaster
image6.pubmatic.com/AdServer/ Frame 9A08
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96233933&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e076e283f278bac3178152acfc06382c3c811bd94c6774686236aee128595038

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1569
content-type
text/html; charset=UTF-8
/
www.facebook.com/tr/ Frame D91C
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.al.com
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.al.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:37:09 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 1285
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.al.com
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.al.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:37:09 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
pubcid.min.js
id.sharedid.org/lib/
732 B
904 B
Script
General
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.23.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-23-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
cache-control
public, max-age=86400
last-modified
Mon, 19 Sep 2022 09:44:53 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 20:36:48 GMT
content-encoding
gzip
age
853221
x-guploader-uploadid
ADPycduey1YScZSPSa_Mf5ftzjtGZEaEwtkY3WYZeoZBKveTNCS4X6nH7GDcsBDms_RAV6tx2BQPWciGeXjCUQiMNzydfQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 09 Sep 2023 20:36:48 GMT
esp.js
cdn.id5-sync.com/api/1.0/
48 KB
14 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9468203d1a374c57d8f34c2df0229524b0b930bd43ed137a2a9bbbb21c1606e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 11:00:45 GMT
server
cloudflare
age
1075
etag
W/"c7c919b353e8ba2ee51dc077f03d29d1"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
74d416744eae714b-YUL
x-amz-request-id
SYZZSSHWVG3W7T1B
x-amz-id-2
Hvmd6ZrwG55mJPBVz6jeKs1tU740lkVirHdhxDN3tOqwjEpooTWpLH1u3D6qEPD6rAuMm5qd7Vs=
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
29 KB
9 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:44:26 GMT
content-encoding
gzip
etag
W/"2fa1275c04d6208db458c1ec8559f92d"
last-modified
Tue, 19 Jul 2022 18:12:40 GMT
server
AmazonS3
age
3164
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
JFK50-P4
x-amz-cf-id
4ahWD6EovCJDmnD8UHtzPlN5ShP0Mk5JvKzm_qrBoWeVDUH5jyrEmA==
publishertag.ids.js
static.criteo.net/js/ld/
40 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a097f145b7b5399d1f8e9c86b6f4a36e43f5553fa77c7b2951504731914535ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-a1fb"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 17:37:09 GMT
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/
4 KB
5 KB
Script
General
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.125.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-125-221.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
container.html
06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9C61
6 KB
3 KB
Document
General
Full URL
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:37:08 GMT
expires
Tue, 19 Sep 2023 17:37:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
moatad.js
z.moatads.com/advancedigitaldfp80721595993/ Frame 894C
12 KB
5 KB
Script
General
Full URL
https://z.moatads.com/advancedigitaldfp80721595993/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6cd746746764002dec02d76f1d19a10b6a2919cae24db0f1449596f1da33b285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:13:26 GMT
server
AmazonS3
x-amz-request-id
AGGJM0N51JKT7ZSR
etag
"eb0b1e45663b912f5f0b67d4c9d1f59b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=54227
accept-ranges
bytes
content-length
4393
x-amz-id-2
sSMVwGDict3lgfC+aqN9RnFUYMzSEnGnhOVKq8rUTkkGVqVvjhUB7pIWO88PLvaCUyVjwinrXg0=
13478065169671183227
tpc.googlesyndication.com/simgad/ Frame 894C
45 KB
45 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13478065169671183227
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196c4c22bfd02bc2a9b5094dd376d8ecfc9939f2f5172a6149e39512770ed517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 11:06:23 GMT
x-content-type-options
nosniff
age
196246
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45744
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 20:29:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 17 Sep 2023 11:06:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 894C
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:31:01 GMT
l
www.google.com/ads/measurement/ Frame 894C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRe1oJ7LW6uU6-W3NVXTef9nsnuRW3KmJoR263fR_lBb7gPe-Y6YmB0XjEtcsapUENm_QB3u6opwvw08T7xqwIO2vDcbQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 894C
141 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:37:09 GMT
container.html
06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A2A
6 KB
3 KB
Document
General
Full URL
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:37:08 GMT
expires
Tue, 19 Sep 2023 17:37:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/
61 B
225 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.122.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-122-0.compute-1.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 17:37:09 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.122.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-122-0.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.al.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 19 Sep 2022 17:37:09 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
st
imprnjmp.taboola.com/ Frame 1221
8 KB
2 KB
Document
General
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rYkCFgODgj-liuch-gSDgj-liuch-gUAAAAGBscHJLYyzWaG5cStGQwma9FssFsrR57dWjGcGUbDzWS4MWyMQGIr02xmWE7cmsFgshbNBru1cuTZrRXDmWE03EyGG8PGCiTS9BlNB0nDaTYInRfL02QQFV1vi93hNHsOaoGsaXL53TCGptPhc93rdb_fXWG2a_xuv9zl-_wlg8lkL1juNS_L0-_6vEUO08MtsbwcHqNbYXqrLi7LW3P4m85On9H0eQsdHq_L8tb8PU6H2S1yeVyG09NvtwtNb7MdAAAAAB7-____IQAAAAAiAAAAACQAAAAAKAIq_i0ELgAAAAAw_v___zUATDYEokMOhPbbTZeXw-wPAAAAABAAAAAAEgCB9KYSgA_Vk5P__________5gB-swbmf____8bhR6ABx-AByEAAICLofEcN8x2MYQGIgLFIkYAAAAAlTiZtUeTOqGyqPr__--3ArgCAAgYtJoGWsnSHZR4CwMAACAYW6CHxe83O-wav9tl__________9m_2f_aEI2AABpwpMo9mq_gAAAa7-AAABs2kZuAABvAXBBZ4DD0WwwXB1BrEaz2QEAAADc_f___-uBlG-y2C02Lo9n4hxulrvlbLfxOBfL3cK4W-5mG-9J9e-3lVtkyveRSNNnNB0kDafZIHReLE-TQVR0vS12h9PsOagFsqbJ5bffhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCyW4xcm8HErRusLG7RaLBYC0e-3VpjMo5sFovH5bAY1qLXx_SwTCYr02iLggFhe5E8LdKJwuIcLjfOxWQ429icy9VqsRkNdpuVZbJZToy74UQs0Zws0onssm_5JovdYuPyeCbO4Wa5W852G49zsdwtjLvlbrbxV3aLkWszmLh1g5XFLRoNFmvhyLdba0zGkc1i8bgcFsNa9PqYHpbJZGUa7Ruz2WY2WA4mw31jNtvMBsvBZLjv0Bm-q8_Z6NsMax2f5q-eGY41h0HhMli8K9VppS1IDtrsVeR0aWbKos6ofH5HXoPCc_CYftab9izOKYfWY_R7MCpiieAinShMtofd43IrzA6Lw-2wiCVK00U60ctdvs9fMphM9oLlXvOyPP2uz1vkMD3cEsvL4TG6Faa36uKyvDWHv-ns9BlNn7fQ4fG6LG_N3-N0mN0il8dlOD39drvQ9DZbxBLB6SKdiF7G00X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpEMvBbrlb54EMdqvFbrVcgAffUN0f62Ra3HK6g91U_l_li_LM5eLGjx_CZHvYPS63wuywONwOKwM8TEIwb_5MEGu1WtYAAAAC2AAAAAHcunkLRIfi_____-MAAABk5OgBAACO94GuAAAAAAAA-AlwtZwN!&cmcv=&pix=undefined&cb=1663609029899&uv=3226&tms=1663609029899&abt=206725b_vA!206725b_vA!amplean_vD!ecp_vC!eidc_vB!id5mc_vB!inc_all_video_vA!spa2_vA!ul118513-590_vB&ft=0&su=4&unm=INLINE_INSTREAM&aure=false&agl=1&cirid=6e46f09b-3002-4607-9d37-18f048328c0c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
74d0702af21c66c828e3395bf52d1f22071c620c2b13abad6bddc00d9d220304

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 19 Sep 2022 17:37:09 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12830-YUL
x-timer
S1663609030.924546,VS0,VE20
sync
us-match.taboola.com/ Frame FDE1
8 KB
8 KB
Document
General
Full URL
https://us-match.taboola.com/sync?dast=V7rYkCFgODgj-liuch-gSDgj-liuch-gUAAAAGBscHJLYyzWaG5cStGQwma9FssFsrR57dWjGcGUbDzWS4MWyMQGIr02xmWE7cmsFgshbNBru1cuTZrRXDmWE03EyGG8PGCiTS9BlNB0nDaTYInRfL02QQFV1vi93hNHsOaoGsaXL53TCGptPhc93rdb_fXWG2a_xuv9zl-_wlg8lkL1juNS_L0-_6vEUO08MtsbwcHqNbYXqrLi7LW3P4m85On9H0eQsdHq_L8tb8PU6H2S1yeVyG09NvtwtNb7MdAAAAAB7-____IQAAAAAiAAAAACQAAAAAKAIq_i0ELgAAAAAw_v___zUATDYEokMOhPbbTZeXw-wPAAAAABAAAAAAEgCB9KYSgA_Vk5P__________5gB-swbmf____8bhR6ABx-AByEAAICLofEcN8x2MYQGIgLFIkYAAAAAlTiZtUeTOqGyqPr__--3ArgCAAgYtJoGWsnSHZR4CwMAACAYW6CHxe83O-wav9tl__________9m_2f_aEI2AABpwpMo9mq_gAAAa7-AAABs2kZuAABvAXBBZ4DD0WwwXB1BrEaz2QEAAADc_f___-uBlG-y2C02Lo9n4hxulrvlbLfxOBfL3cK4W-5mG-9J9e-3lVtkyveRSNNnNB0kDafZIHReLE-TQVR0vS12h9PsOagFsqbJ5bffhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCyW4xcm8HErRusLG7RaLBYC0e-3VpjMo5sFovH5bAY1qLXx_SwTCYr02iLggFhe5E8LdKJwuIcLjfOxWQ429icy9VqsRkNdpuVZbJZToy74UQs0Zws0onssm_5JovdYuPyeCbO4Wa5W852G49zsdwtjLvlbrbxV3aLkWszmLh1g5XFLRoNFmvhyLdba0zGkc1i8bgcFsNa9PqYHpbJZGUa7Ruz2WY2WA4mw31jNtvMBsvBZLjv0Bm-q8_Z6NsMax2f5q-eGY41h0HhMli8K9VppS1IDtrsVeR0aWbKos6ofH5HXoPCc_CYftab9izOKYfWY_R7MCpiieAinShMtofd43IrzA6Lw-2wiCVK00U60ctdvs9fMphM9oLlXvOyPP2uz1vkMD3cEsvL4TG6Faa36uKyvDWHv-ns9BlNn7fQ4fG6LG_N3-N0mN0il8dlOD39drvQ9DZbxBLB6SKdiF7G00X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpEMvBbrlb54EMdqvFbrVcgAffUN0f62Ra3HK6g91U_l_li_LM5eLGjx_CZHvYPS63wuywONwOKwM8TEIwb_5MEGu1WtYAAAAC2AAAAAHcunkLRIfi_____-MAAABk5OgBAACO94GuAAAAAAAA-AlwtZwN!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d0d574f829a4394a6ac2506b2d3f3bdb1cb47541aa8a67ea64f77801e93462c8

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 19 Sep 2022 17:37:09 GMT
machineid
3106
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/
14 KB
9 KB
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1663609029905&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1482&pt=987530730&tz=0&viewable=true&ddast=V7rYkCFgODgj-liuch-gSDgj-liuch-gUAAAAGBscHJLYyzWaG5cStGQwma9FssFsrR57dWjGcGUbDzWS4MWyMQGIr02xmWE7cmsFgshbNBru1cuTZrRXDmWE03EyGG8PGCiTS9BlNB0nDaTYInRfL02QQFV1vi93hNHsOaoGsaXL53TCGptPhc93rdb_fXWG2a_xuv9zl-_wlg8lkL1juNS_L0-_6vEUO08MtsbwcHqNbYXqrLi7LW3P4m85On9H0eQsdHq_L8tb8PU6H2S1yeVyG09NvtwtNb7MdAAAAAB7-____IQAAAAAiAAAAACQAAAAAKAIq_i0ELgAAAAAw_v___zUATDYEokMOhPbbTZeXw-wPAAAAABAAAAAAEgCB9KYSgA_Vk5P__________5gB-swbmf____8bhR6ABx-AByEAAICLofEcN8x2MYQGIgLFIkYAAAAAlTiZtUeTOqGyqPr__--3ArgCAAgYtJoGWsnSHZR4CwMAACAYW6CHxe83O-wav9tl__________9m_2f_aEI2AABpwpMo9mq_gAAAa7-AAABs2kZuAABvAXBBZ4DD0WwwXB1BrEaz2QEAAADc_f___-uBlG-y2C02Lo9n4hxulrvlbLfxOBfL3cK4W-5mG-9J9e-3lVtkyveRSNNnNB0kDafZIHReLE-TQVR0vS12h9PsOagFsqbJ5bffhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCyW4xcm8HErRusLG7RaLBYC0e-3VpjMo5sFovH5bAY1qLXx_SwTCYr02iLggFhe5E8LdKJwuIcLjfOxWQ429icy9VqsRkNdpuVZbJZToy74UQs0Zws0onssm_5JovdYuPyeCbO4Wa5W852G49zsdwtjLvlbrbxV3aLkWszmLh1g5XFLRoNFmvhyLdba0zGkc1i8bgcFsNa9PqYHpbJZGUa7Ruz2WY2WA4mw31jNtvMBsvBZLjv0Bm-q8_Z6NsMax2f5q-eGY41h0HhMli8K9VppS1IDtrsVeR0aWbKos6ofH5HXoPCc_CYftab9izOKYfWY_R7MCpiieAinShMtofd43IrzA6Lw-2wiCVK00U60ctdvs9fMphM9oLlXvOyPP2uz1vkMD3cEsvL4TG6Faa36uKyvDWHv-ns9BlNn7fQ4fG6LG_N3-N0mN0il8dlOD39drvQ9DZbxBLB6SKdiF7G00X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpEMvBbrlb54EMdqvFbrVcgAffUN0f62Ra3HK6g91U_l_li_LM5eLGjx_CZHvYPS63wuywONwOKwM8TEIwb_5MEGu1WtYAAAAC2AAAAAHcunkLRIfi_____-MAAABk5OgBAACO94GuAAAAAAAA-AlwtZwN!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2075175&dpubid=190797&abtst=206725b_vA!206725b_vA!amplean_vD!ecp_vC!eidc_vB!id5mc_vB!inc_all_video_vA!spa2_vA!ul118513-590_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.al.com&en=1&subu=4&panid=07e47c5f4873394acffad829716416d539385cfa799f10d050a687bc7cb26bfa
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6c423ccd594e47e18ae63e5aec8126ae4cc5e1d1a7f643a6582d29ef80b335dd

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
content-encoding
gzip
access-control-allow-origin
https://www.al.com
machineid
1101
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12830-YUL
pragma
no-cache
server
nginx
x-timer
S1663609030.924799,VS0,VE270
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://{"userSync">; rel=preconnect,<http://{"adUnit">; rel=preconnect,<http://ads.stickyadstv.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
us-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rYkCFgODgj-liuch-gSDgj-liuch-gUAAAAGBscHJLYyzWaG5cStGQwma9FssFsrR57dWjGcGUbDzWS4MWyMQGIr02xmWE7cmsFgshbNBru1cuTZrRXDmWE03EyGG8PGCiTS9BlNB0nDaTYInRfL02QQFV1vi93hNHsOaoGsaXL53TCGptPhc93rdb_fXWG2a_xuv9zl-_wlg8lkL1juNS_L0-_6vEUO08MtsbwcHqNbYXqrLi7LW3P4m85On9H0eQsdHq_L8tb8PU6H2S1yeVyG09NvtwtNb7MdAAAAAB7-____IQAAAAAiAAAAACQAAAAAKAIq_i0ELgAAAAAw_v___zUATDYEokMOhPbbTZeXw-wPAAAAABAAAAAAEgCB9KYSgA_Vk5P__________5gB-swbmf____8bhR6ABx-AByEAAICLofEcN8x2MYQGIgLFIkYAAAAAlTiZtUeTOqGyqPr__--3ArgCAAgYtJoGWsnSHZR4CwMAACAYW6CHxe83O-wav9tl__________9m_2f_aEI2AABpwpMo9mq_gAAAa7-AAABs2kZuAABvAXBBZ4DD0WwwXB1BrEaz2QEAAADc_f___-uBlG-y2C02Lo9n4hxulrvlbLfxOBfL3cK4W-5mG-9J9e-3lVtkyveRSNNnNB0kDafZIHReLE-TQVR0vS12h9PsOagFsqbJ5bffhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCyW4xcm8HErRusLG7RaLBYC0e-3VpjMo5sFovH5bAY1qLXx_SwTCYr02iLggFhe5E8LdKJwuIcLjfOxWQ429icy9VqsRkNdpuVZbJZToy74UQs0Zws0onssm_5JovdYuPyeCbO4Wa5W852G49zsdwtjLvlbrbxV3aLkWszmLh1g5XFLRoNFmvhyLdba0zGkc1i8bgcFsNa9PqYHpbJZGUa7Ruz2WY2WA4mw31jNtvMBsvBZLjv0Bm-q8_Z6NsMax2f5q-eGY41h0HhMli8K9VppS1IDtrsVeR0aWbKos6ofH5HXoPCc_CYftab9izOKYfWY_R7MCpiieAinShMtofd43IrzA6Lw-2wiCVK00U60ctdvs9fMphM9oLlXvOyPP2uz1vkMD3cEsvL4TG6Faa36uKyvDWHv-ns9BlNn7fQ4fG6LG_N3-N0mN0il8dlOD39drvQ9DZbxBLB6SKdiF7G00X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpEMvBbrlb54EMdqvFbrVcgAffUN0f62Ra3HK6g91U_l_li_LM5eLGjx_CZHvYPS63wuywONwOKwM8TEIwb_5MEGu1WtYAAAAC2AAAAAHcunkLRIfi_____-MAAABk5OgBAACO94GuAAAAAAAA-AlwtZwN!&cmcv=&pix=31589837&cb=1663609029899&uv=3226&tms=1663609029899&abt=206725b_vA!206725b_vA!amplean_vD!ecp_vC!eidc_vB!id5mc_vB!inc_all_video_vA!spa2_vA!ul118513-590_vB&ft=0&su=4&unm=INLINE_INSTREAM&debug=pn:!sqg:!torgn:1663609025860.5!ts:1663609029898&mntl=1
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
content-length
0
server
nginx
match
c1.adform.net/serving/cookie/ Frame 665B
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 19 Sep 2022 17:37:09 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 4A37
0
60 B
Document
General
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 19 Sep 2022 17:37:09 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12828-YUL
x-timer
S1663609030.936757,VS0,VE0
ecm3
s.amazon-adsystem.com/ Frame F36B
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID7DB2CA13-E8A7-4FDA-984A-416FFC946F59
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 17:37:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CGG17AY0ZQXN6HVQFF6F
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9A08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fbLKE-inT9qYSkFv_JRvWQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=120046
accept-ranges
bytes
content-type
text/html
content-length
5549
x-xss-protection
1; mode=block
expires
Wed, 21 Sep 2022 02:57:56 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 9A08
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2255d5c6fa5601ced96457195714b54b3cc72d66331c8e8f82eaabf433d646d5791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyMjU1ZDVjNmZhNTYwMWNlZDk2NDU3MTk1NzE0YjU0YjNjYzcyZDY2MzMxYzhlOGY4MmVhYWJmNDMzZDY0NmQ1NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyMjU1ZDVjNmZhNTYwMWNlZDk2NDU3MTk1NzE0YjU0YjNjYzcyZDY2MzMxYzhlOGY4MmVhYWJmNDMzZDY0NmQ1NzkxNDI2YjU0MTdkY2UyMRAAGgwIxtGimQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=fac9f2e3-c36d-4789-986e-0c501fbcc449
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=fac9f2e3-c36d-4789-986e-0c501fbcc449
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=fac9f2e3-c36d-4789-986e-0c501fbcc449
date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 9A08
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=21b96328-a8c6-4500-bdea-f3c8e6e4e659
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=21b96328-a8c6-4500-bdea-f3c8e6e4e659
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 19 Sep 2022 17:37:10 GMT
Server
MT3 4505 5b23575 master ord-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=21b96328-a8c6-4500-bdea-f3c8e6e4e659
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 17:37:09 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9A08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0RCMkNBMTMtRThBNy00RkRBLTk4NEEtNDE2RkZDOTQ2RjU5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9A08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYpT-QXtIKgfBu3hX-U26Y&google_cver=1
42 B
379 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYpT-QXtIKgfBu3hX-U26Y&google_cver=1
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYpT-QXtIKgfBu3hX-U26Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9A08
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EFC64CBD0BF84FEF9BA13C033C226E52
42 B
439 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EFC64CBD0BF84FEF9BA13C033C226E52
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 19 Sep 2022 17:37:09 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EFC64CBD0BF84FEF9BA13C033C226E52
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 18 Sep 2022 17:37:09 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9A08
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2840279727660594736&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2840279727660594736&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2840279727660594736&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9A08
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53ce5430-0132-4e50-8142-31f223e51f5c
42 B
505 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53ce5430-0132-4e50-8142-31f223e51f5c
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53ce5430-0132-4e50-8142-31f223e51f5c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_DFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1663609027954&de=551244607233&rx=201346368572&m=0&ar=5aeef158bee-clean&iw=f009e8a&q=1&cb=0&cu=1663609027954&ll=2&lm=0&ln=0&em=0&en=0&d=1485967855%3A558038455%3A1719447535%3A138386336931&bo=343101415&bp=387187255&bd=undefined&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=true&zMoatCounter=1&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&zMoatJS=-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&dfp=0%2C1&la=387187255&gw=advanceddigitalheader640552616592&fd=1&it=500&pe=1%3A1014%3A1014%3A0%3A1077&fs=200157&na=439602193&cs=0
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 894C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssL9qhMBRQiXAWUiG0i62N-fey-JRBR9T3iV6mdPMnpVlwRG98FYsRiy4se8t5aDHgx308gZCsXd6np9EHxYq5rttJcZ0O6iiL27cSgCPGAtXRdBWIjGDlydAKui35zXaLY8BY66wyzsyDOmdHAnsIX2tD5uQ-R7XnQf6rybItB7nCse3JxKYgWn3tM643bDE7fI1xRbPOgKQ99detJlMXvkm6xGGt7wq9nuDhsO5evTvIyVBalNaxdpSYIDOvcB9mOOFFNPpqwY_DupzRWzbqGXCXnt0dV5aiaDXI0PtFD8omKlKDOxh0XaDChcDz7Kg&sai=AMfl-YTLlA0mzR55Zdtz1WT1xJWM4j1W5xgr43tj2JU9tKISsUKNZeitcjUOAlkoOnwoeY1xSmdGn7qJJrVrxiZJRCgqLFGUc2Mo-vFmxd-UHbS6KNeIQP2S4x2b_-DbzD8&sig=Cg0ArKJSzJwRSYH6cUK9EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 894C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f463d6ca8c1f86826a508f483d18c701e7350c5140aaf04d21d8a56b4df0a291

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
esp
oajs.openx.net/
85 B
321 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
22664c880644824187eafa7535e895adf3725e30ec96ccba4c06aadba4b17406

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 google
etag
W/"55-2GopbEQhuxuTUCdiWIjIjy7Wn0w"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16005181246223008224/970x250/ Frame 90C6
85 KB
12 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbe4dc047258f7eca957bdf52f95cec733b9106a0916688606271813646bb62
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
27403
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
12482
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 10:00:27 GMT
expires
Tue, 19 Sep 2023 10:00:27 GMT
last-modified
Wed, 10 Aug 2022 00:54:57 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
img.gif
t.6sc.co/ Frame 9C61
43 B
774 B
Fetch
General
Full URL
https://t.6sc.co/img.gif?event=imp&ppgid=85adfa34&cb=1858205296
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.198.169 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-198-169.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:10 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Tue, 05 Oct 2021 22:17:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615ccf16-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9C61
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUAIIxagoY52bEPLVxtYPidiS-AWGxdy1bLTJ_cSMELCQHxABILfI00dg_eiigfADoAGsy6bkA8gBCeACAKgDAcgDSKoErgJP0PvzpqMlM2dS2pxhs_b-Yrb5jbD37gjMdBTbx322DFOgAk1UZFGlBzeDviwIAJcIax-e2EloJgr66leMflc56u0f938vWT0ArlhGss53o3BlGgTiNQEwbWr3oAVTkZEQhQstDdcFmbhe-GorLW2U0op0nhjFxik0VoloXfk1dp_CiC403SYuA49T5P1BACS3WVBs2AJzBsFY9oiMFaJURwJb8t1Sz_JDZcRCYybG0Rry6TzfdFVywnUpsI-GKlbJs15tTtMyNnXXKNhgpQLUxeS6hgHFDG4kSqMF5uFTnE_37zFfUs0g9YGQV8ZSE_WTg6ucUIxukl-sgWLEuQlBEU-gfhWZ5siBurdjFVlqN38GN6YCqpBhF6cRQMauvysVedzZDAT8YcbxicijUMAE0PiqrJ4E4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7y02RuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCE2EfSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItMjkzNzQ5NDU2Nzk0OTI3OBjfkR8&sigh=GhelrbW07AQ&uach_m=[UACH]&template_id=419
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 9C61
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9550
x-xss-protection
0
server
cafe
etag
715955199520789971
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:35:14 GMT
moatad.js
z.moatads.com/advancedigitaldfp80721595993/ Frame 2A2A
12 KB
5 KB
Script
General
Full URL
https://z.moatads.com/advancedigitaldfp80721595993/moatad.js
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6cd746746764002dec02d76f1d19a10b6a2919cae24db0f1449596f1da33b285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:13:26 GMT
server
AmazonS3
x-amz-request-id
AGGJM0N51JKT7ZSR
etag
"eb0b1e45663b912f5f0b67d4c9d1f59b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=54226
accept-ranges
bytes
content-length
4393
x-amz-id-2
sSMVwGDict3lgfC+aqN9RnFUYMzSEnGnhOVKq8rUTkkGVqVvjhUB7pIWO88PLvaCUyVjwinrXg0=
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2A2A
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Sep 2023 16:52:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A2A
141 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:37:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 894C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve7Y12bET_9QKet2gEaH5k2VJODJiWSwGDHcDscZc18iRkJj_BsB9NYeqAoTjYqJ6WEjEw_0PyvqfKs3sf3_TlooQ1X4mU1snM-QRe4memiqD6cddK7UKjKY7UaZcXTXJy9lqhUCbRmsEhGQgB4ecQ1ttmdRUyDF3YCsziU9Fq9hRVu5jIOj1WBqKkSK6cZ5djvj0UBVirnfG_1Az2ylgl4A7pW4BVfwkRlATKiLJoZKLnwxdkzQUh0GKkf-Wj7GT8PrU_2KPYyu5VoopL8rycaYBM3atLNgtazQLfbSyaaTQ4oWFSf9Ui2osl8zh5ENNe&sai=AMfl-YQPKSAV6P5y5UYm_f72eDtd4pKjlSJR7NNiWtzuLam504xvbIlUPURhTxt9QQFdoV4PHM459NK72Y5RDtLqpwkLr-p4_ciPN1uF8nlN8BRjHfOaBayNaiC6sOIc1Ks&sig=Cg0ArKJSzL-GwaAGL5x4EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Sep 2022 17:37:10 GMT
increment
id5-sync.com/api/esp/
0
319 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.al.com
date
Mon, 19 Sep 2022 17:37:09 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
syncframe
gum.criteo.com/ Frame E38E
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.al.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:37:09 GMT
server
Kestrel
server-processing-duration-in-ticks
859846
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cmTagINLINE_INSTREAM.js
vidstat.taboola.com/vpaid/units/32_2_6/infra/
815 KB
138 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/32_2_6/infra/cmTagINLINE_INSTREAM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
1d328c219447e6bbc9cbaae672e5701419cefe574db31c112f29212710d53272

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Origin
https://www.al.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 varnish
age
203288
x-amz-meta-mtime
1663405598
x-cache
HIT
x-amz-meta-ctime
1663405599
x-amz-meta-mode
33188
content-encoding
br
content-length
140426
x-amz-id-2
p6oz0e03LAgJZ8I/LDuy5Y7qUzhmqrnUsUv+UWfCWCxg0MQDRKkpwrIhBv/JvFXq4bGFRIXkZEw=
x-served-by
cache-yul12833-YUL
accept-ranges
bytes
last-modified
Sat, 17 Sep 2022 09:06:40 GMT
server
AmazonS3-br
x-timer
S1663609030.314441,VS0,VE0
etag
"67f803f0b3f0d56362749093ee2178a9"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
2N0Z0CS4Z32GGZ7S
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
111
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_2_6/assets/css/
63 KB
9 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/32_2_6/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 varnish
age
203307
x-amz-meta-mtime
1663405623
x-cache
HIT
x-amz-meta-ctime
1663405624
x-amz-meta-mode
33188
content-encoding
br
content-length
8297
x-amz-id-2
SxOddrZsuw7/DutQe8VoZwPNTkJTRtIPPP9Tpmr94A9TbyqbrpAbrjNQTuDBBixa5iUiE8XTB9I=
x-served-by
cache-yul12830-YUL
accept-ranges
bytes
last-modified
Sat, 17 Sep 2022 09:07:05 GMT
server
AmazonS3-br
x-timer
S1663609030.282002,VS0,VE0
etag
"a28320a69408adba1f01f56d6eb80708"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
QND9QEEVDEQGGB3P
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
165089
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 90C6
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 01:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:28:37 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 90C6
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Sep 2022 16:23:05 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 90C6
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 17:37:10 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame B43B
623 B
740 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
39cfc3b2f18c06d718db59e9e6750408759c1a668e9c30368873761c7c9e7e37

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
408
content-type
text/html
date
Mon, 19 Sep 2022 17:37:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_DFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1663609027954&de=596173601160&rx=201346368572&m=0&ar=5aeef158bee-clean&iw=f009e8a&q=2&cb=0&cu=1663609027954&ll=2&lm=0&ln=0&em=0&en=0&d=1491967135%3A571348615%3A1731081415%3A138224706452&bo=343101415&bp=387187255&bd=undefined&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Bottom&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=false&zMoatCounter=1&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&zMoatJS=-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&dfp=0%2C1&la=387187255&gw=advanceddigitalheader640552616592&fd=1&it=500&pe=1%3A1014%3A1014%3A0%3A1077&fs=200157&na=2032464822&cs=0
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:10 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E42B
143 B
476 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 16:40:57 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 9C61
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:31:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 9C61
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:30:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2A2A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK3yohe3fMTEQ6x5c-N-kFr_hVhRakOlGG1uuCCLUMQCks0zkKtPDU5Le00A2yl0VU23L0VZyHQK1Xgr2qAUsNy0jRY0xFrifltJAcyPAjSXalb9pD5QK--HcmjNO8TejUdAwJBQqgL7M61IlLdYmBlDbHJ-nurf6V6kE1vmD6Cd3VBZmbzDnGCaYNsiZiikoj-nlz6Bc56FoyjeQNLc8Bn90ioes-OWCLO_kPGY46JvLM4bF-jxBAOLsWDnP2a_3pzTVone6EFUtmxvxvfiDNX7-Uj3M0VXnz-5g_ntTLQox8-cB5wWCEP3PJL-GqQg&sai=AMfl-YRUbvFlw1z9CqXg48UgL4zu3NZN8aiqQe1dF25q8ZyvZKCsnUtpbwYVHzSb8hMrGetYZqbAPHnvabRMVDgG4NM_t2Gy7toWYkmfuYtL2q7ctMQ_a7IruKt_SubGl0s&sig=Cg0ArKJSzLW6NdkeGuy3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
realestate.al.com/ Frame 2A2A
5 KB
2 KB
Script
General
Full URL
https://realestate.al.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_bama&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv0mYdod5uhBOc3jSvr9d9OgwijvZkEACy8JwV9CiPE0hyOvD9OevD8jl7cRTFiCKhyyUVXMkrzCuve-uZjaJBuLU0iYAqjMNWJanCWhXoi40wmwwuVR5q00mgUq-fBW9BhUT4A8eYNo0LIVPfX69VaB_Z-QP2LtvyCDOPcEjvm8l7bX62vp193J9WWhT55-ocpb78tb5MhRUKsHzHKmtPmpV9FV0zxrBolykDm8UQEPOP0Y6mHD9Vihhh7MLuQkM8JC0GhqvXhLDYFN9y7p0B9otXiB7VECP4k9JXpI1TQIejerurS5jPNvoronQ&sai=AMfl-YTsPe0IfGVQDzDTP4jS-0GB9Vb-pUZfCXD8xrbQLcojSfTYEL5eB_rqM1X7cJ-IlMchwvSsSQrRCCL0kIf5pxnO-L7wjd8iwFyl4LJTD4W6cXEPYUXSO-qJbCi7Hw0&sig=Cg0ArKJSzNSI4QHtPKzaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=2
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a5d4634b3216f8d40b8828a5360e03c24fcb65d603eb1b1910e70a49d5264d4
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=315360000
content-encoding
gzip
x-shield-cache-expires
10
last-modified
Mon, 19 Sep 2022 17:32:00 GMT
age
0
date
Mon, 19 Sep 2022 17:37:10 GMT
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/html; charset=ISO-8859-1
expires
Mon, 19 Sep 2022 18:37:00 GMT
cache-control
stale-if-error=3600, public, max-age=300
x-timer
S1663609030.428547,VS0,VE64
content-length
1740
x-served-by
cache-iad-kjyo7100167-IAD, cache-yul12832-YUL
sid
mug.criteo.com/ Frame E38E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=al.com&sn=ChromeSyncframe&so=0&topUrl=www.al.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=J8pOAHx0b3dtQmFuaVhubWxycWk2cHVDdzdnSldBeUxvaVpSN2xLMmhTUXlxekE3VXI3N0Y1ZldTd1ZRTkR3VFZuemIxQkVZVTV0dE1jbEViQWVodXR3UlR4YUY5U0xrblM1UlZnaVdNRHJMcXRiVFNBTTVrTHF0dmVIZW...
419 B
645 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=J8pOAHx0b3dtQmFuaVhubWxycWk2cHVDdzdnSldBeUxvaVpSN2xLMmhTUXlxekE3VXI3N0Y1ZldTd1ZRTkR3VFZuemIxQkVZVTV0dE1jbEViQWVodXR3UlR4YUY5U0xrblM1UlZnaVdNRHJMcXRiVFNBTTVrTHF0dmVIZWRhQ2d2MjY2RFh4dzlPSGZEZHhybXBzWitsZVNHTGhsTUhPTFZsbk8yVlVQTG9yK0g1Q1ZaUHI5dE9FTjB0TWRqRzJRN2xOVFFmM3BEcThEcUVTTVJEV1dhZXI5Z2UxSUpLTlBJaGp3U2tjUXNFZXFjVVVlSXIxV3kyQitNanpKdE5YeWs1U21welZpMVZkbHJpUTREaFQrUnRHaXhUZz09fA&cppv=2
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
752ad69fc2e90233f11cd5121335c04e2e9c62795c744d4b9e4396b331a05e7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:10 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2728649
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:10 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=J8pOAHx0b3dtQmFuaVhubWxycWk2cHVDdzdnSldBeUxvaVpSN2xLMmhTUXlxekE3VXI3N0Y1ZldTd1ZRTkR3VFZuemIxQkVZVTV0dE1jbEViQWVodXR3UlR4YUY5U0xrblM1UlZnaVdNRHJMcXRiVFNBTTVrTHF0dmVIZWRhQ2d2MjY2RFh4dzlPSGZEZHhybXBzWitsZVNHTGhsTUhPTFZsbk8yVlVQTG9yK0g1Q1ZaUHI5dE9FTjB0TWRqRzJRN2xOVFFmM3BEcThEcUVTTVJEV1dhZXI5Z2UxSUpLTlBJaGp3U2tjUXNFZXFjVVVlSXIxV3kyQitNanpKdE5YeWs1U21welZpMVZkbHJpUTREaFQrUnRHaXhUZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
489103
content-length
0
expires
0
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.al.com%2F%2Fnews%2F2022%2F09%2FIFRAME&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=975&gp=2115.796875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&pl=0&f=0&j=&t=1663609027954&de=596173601160&rx=201346368572&cu=1663609027954&m=2369&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2115.796875&lb=5952&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1014%3A1014%3A0%3A1077&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=129&cd=0&ah=129&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1491967135%3A571348615%3A1731081415%3A138224706452&bo=343101415&bp=387187255&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&dfp=0%2C1&la=387187255&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Bottom&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&tc=0&fs=200157&na=1011597455&cs=0
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:10 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:10 GMT
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/
428 KB
85 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_2_6/infra/cmTagINLINE_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c1a8855b73e7e03e4f608f57a79ae72a3b6250e9c71eeaa5a6ba0e301a6ac166

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 varnish
age
478108
x-amz-meta-mtime
1663130878
x-cache
HIT
x-amz-meta-ctime
1663130890
x-amz-meta-mode
33188
content-encoding
br
content-length
86909
x-amz-id-2
Qh43Tabf+ALpwdcj+SaaLLfSw0z7V2Iylh7LYzPM0g6gONdRO+Vj0Ij839vxNXK2ex2iM2ZCZrw=
x-served-by
cache-yul12830-YUL
accept-ranges
bytes
last-modified
Wed, 14 Sep 2022 04:48:11 GMT
server
AmazonS3-br
x-timer
S1663609031.543072,VS0,VE0
etag
"b5759f72b9e2fae3f83ca62db3973a4e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
38C7400RCFYM25R4
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
487476
sync
us-match.taboola.com/ Frame FEDE
8 KB
8 KB
Document
General
Full URL
https://us-match.taboola.com/sync?dast=V7rYkCFgODgj-liuch-gSDgj-liuch-gUAAAAGBscHJLYyzWaG5cStGQwma9FssFsrR57dWjGcGUbDzWS4MWyMQGIr02xmWE7cmsFgshbNBru1cuTZrRXDmWE03EyGG8PGCiTS9BlNB0nDaTYInRfL02QQFV1vi93hNHsOaoGsaXL53TCGptPhc93rdb_fXWG2a_xuv9zl-_wlg8lkL1juNS_L0-_6vEUO08MtsbwcHqNbYXqrLi7LW3P4m85On9H0eQsdHq_L8tb8PU6H2S1yeVyG09NvtwtNb7MdAAAAAB7-____IQAAAAAiAAAAACQAAAAAKAIq_i0ELgAAAAAw_v___zUATDYEokMOhPbbTZeXw-wPAAAAABAAAAAAEgCB9KYSgA_Vk5P__________5gB-swbmf____8bhR6ABx-AByEAAICLofEcN8x2MYQGIgLFIkYAAAAAlTiZtUeTOqGyqPr__--3ArgCAAgYtJoGWsnSHZR4CwMAACAYW6CHxe83O-wav9tl__________9m_2f_aEI2AABpwpMo9mq_gAAAa7-AAABs2kZuAABvAXBBZ4DD0WwwXB1BrEaz2QEAAADc_f___-uBlG-y2C02Lo9n4hxulrvlbLfxOBfL3cK4W-5mG-9J9e-3lVtkyveRSNNnNB0kDafZIHReLE-TQVR0vS12h9PsOagFsqbJ5bffhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCyW4xcm8HErRusLG7RaLBYC0e-3VpjMo5sFovH5bAY1qLXx_SwTCYr02iLggFhe5E8LdKJwuIcLjfOxWQ429icy9VqsRkNdpuVZbJZToy74UQs0Zws0onssm_5JovdYuPyeCbO4Wa5W852G49zsdwtjLvlbrbxV3aLkWszmLh1g5XFLRoNFmvhyLdba0zGkc1i8bgcFsNa9PqYHpbJZGUa7Ruz2WY2WA4mw31jNtvMBsvBZLjv0Bm-q8_Z6NsMax2f5q-eGY41h0HhMli8K9VppS1IDtrsVeR0aWbKos6ofH5HXoPCc_CYftab9izOKYfWY_R7MCpiieAinShMtofd43IrzA6Lw-2wiCVK00U60ctdvs9fMphM9oLlXvOyPP2uz1vkMD3cEsvL4TG6Faa36uKyvDWHv-ns9BlNn7fQ4fG6LG_N3-N0mN0il8dlOD39drvQ9DZbxBLB6SKdiF7G00X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpEMvBbrlb54EMdqvFbrVcgAffUN0f62Ra3HK6g91U_l_li_LM5eLGjx_CZHvYPS63wuywONwOKwM8TEIwb_5MEGu1WtYAAAAC2AAAAAHcunkLRIfi_____-MAAABk5OgBAACO94GuAAAAAAAA-AlwtZwN!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_2_6/infra/cmTagINLINE_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ad36b8d9d88bd6e50734282950233bba3632c6b547b5b6d895c575b56fbe36bd

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 19 Sep 2022 17:37:10 GMT
machineid
3106
server
nginx
loading2.png
vidstat.taboola.com/assets/
24 KB
24 KB
Image
General
Full URL
https://vidstat.taboola.com/assets/loading2.png
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 39379e6e28640430f64b963528b44426.cloudfront.net (CloudFront), 1.1 varnish
age
470587
x-amz-meta-mtime
1498646328
x-cache
Miss from cloudfront, HIT
x-amz-meta-mode
33188
content-length
24300
x-served-by
cache-yul12830-YUL
last-modified
Sun, 02 Jul 2017 14:25:04 GMT
server
AmazonS3
x-timer
S1663609031.568731,VS0,VE0
etag
"ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
content-type
image/png
access-control-allow-headers
*
x-amz-cf-id
dmqmfMleh8C0NJ-EBZ3QmRC4MuIpyBOzd4fzmENUxaNW0Xl2Jmokxw==
x-cache-hits
96463
replay-button.svg
vidstat.taboola.com/assets/
1 KB
1 KB
Image
General
Full URL
https://vidstat.taboola.com/assets/replay-button.svg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront), 1.1 varnish
age
1578782
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
701
x-served-by
cache-yul12830-YUL
last-modified
Wed, 13 Feb 2019 09:30:13 GMT
server
AmazonS3
x-timer
S1663609031.569255,VS0,VE0
etag
"e871e80b457ead7801d3bbe63b25c4fb"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
RBzlSLTIF2WMd11dCM1-n9XpCep1gbe-J5haONyGFBhnGjjXdtRN6A==
x-cache-hits
296565
replay-button-hover.svg
vidstat.taboola.com/assets/
1 KB
1 KB
Image
General
Full URL
https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 b6989f0f2e150081d90f4c11e6692d3e.cloudfront.net (CloudFront), 1.1 varnish
age
470587
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
709
x-served-by
cache-yul12830-YUL
last-modified
Wed, 13 Feb 2019 09:30:13 GMT
server
AmazonS3
x-timer
S1663609031.569380,VS0,VE0
etag
"ae0344bce724db935e4f7ba6573ee516"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
2wTC0Lglndxa46kx_MKoycS17xTp4MTjwCsB8XzhbXbaSx6YrJ3g2g==
x-cache-hits
96548
learn-more-button.svg
vidstat.taboola.com/assets/
2 KB
894 B
Image
General
Full URL
https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 6e873fe6803a6da3d6232f8bb9104e9f.cloudfront.net (CloudFront), 1.1 varnish
age
1579400
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
634
x-served-by
cache-yul12830-YUL
last-modified
Wed, 13 Feb 2019 09:30:12 GMT
server
AmazonS3
x-timer
S1663609031.569255,VS0,VE0
etag
"3132e8c3bdd274efa7ce1531ec89580d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
OnlVeZ2sXPv5j0q9_DaVhsLpzdeiCIqtyFB3wkojBTxQZB4YCwcSyg==
x-cache-hits
298697
learn-more-button-hover.svg
vidstat.taboola.com/assets/
2 KB
910 B
Image
General
Full URL
https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront), 1.1 varnish
age
1504542
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
660
x-served-by
cache-yul12830-YUL
last-modified
Wed, 13 Feb 2019 09:30:11 GMT
server
AmazonS3
x-timer
S1663609031.569285,VS0,VE0
etag
"b14888c73642ebc29c1451727eb1eb8a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
1zN_wsETybtn6Lp9X7mDjW-E1cpLqrSkWsXeZlCpIcdaWKQL7xCrTw==
x-cache-hits
282584
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/
3 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
etag
"11d8569a7da0739259e3ac0b0d666e94"
age
89
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
m8/PFtYJbvC3up8s3TZcHksWBJVwpPO3Un/GMIi2nwNaFISLmmizo5jC714BmseBtuvymV669+Y=
x-served-by
cache-yul12830-YUL
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-timer
S1663609031.572547,VS0,VE0
date
Mon, 19 Sep 2022 17:37:10 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
C8SSB7BV4ZCSQCE5
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
94
x-cache-hits
39
ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame B43B
0
83 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663609031.584378,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-yul12828-YUL
24e52ae5-48e0-ebc6-dae1-6f1d727d0501
pr-bh.ybp.yahoo.com/sync/openx/ Frame B43B
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/24e52ae5-48e0-ebc6-dae1-6f1d727d0501?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:50cb:1c19:c33a:f836 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame B43B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=b0224ca1-d84c-798f-eb36-79e88d2ac848&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=53ce5430-0132-4e50-8142-31f223e51f5c&ttd_puid=b0224ca1-d84c-798f-eb36-79e88d2ac848&gdpr=0&gdpr_consent=
43 B
322 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=53ce5430-0132-4e50-8142-31f223e51f5c&ttd_puid=b0224ca1-d84c-798f-eb36-79e88d2ac848&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=53ce5430-0132-4e50-8142-31f223e51f5c&ttd_puid=b0224ca1-d84c-798f-eb36-79e88d2ac848&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame B43B
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM0ZDlmNmItMTEzYi0yNzJiLWZlZDYtMjM1MTQ3YzgwNjI4
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B43B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENY-XkX1jE1jZZVWyfGDZ60&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENY-XkX1jE1jZZVWyfGDZ60&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENY-XkX1jE1jZZVWyfGDZ60&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 9C61
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9zOhAPNZQbG7pWYFLSR7MHd8b-ssLG1cnlW2laI5jDTgfm4Bt4lgdzMxdD6ArpvpzK_zJ39OG7yiCrsZQ8_f2PdgxDQ
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9C61
141 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:37:10 GMT
blackScreen60.mp4
vidstatb.taboola.com/vid/
69 KB
0
Media
General
Full URL
https://vidstatb.taboola.com/vid/blackScreen60.mp4
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 d0d33158d52f94b9c0a00d8e9c177f9e.cloudfront.net (CloudFront), 1.1 varnish
age
1764155
x-amz-meta-mtime
1497790439
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-70425/70426
x-amz-meta-mode
33188
Content-Length
70426
x-served-by
cache-yul12830-YUL
last-modified
Sun, 02 Jul 2017 20:41:01 GMT
server
AmazonS3
x-timer
S1663609031.617788,VS0,VE0
etag
"4c56565b3f2f41c2c52ae4e6177ece38"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
content-type
video/mp4
access-control-allow-headers
*
x-amz-cf-id
u7AklO2cKPSN-TE1gH6vgPAuzN5qz8wrPadcAKz2tiLxLdvshBhzqg==
x-cache-hits
254715
bulk
trc.taboola.com/advance-alabama/log/3/
0
399 B
XHR
General
Full URL
https://trc.taboola.com/advance-alabama/log/3/bulk?route=US%3AUS%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
23
pragma
no-cache
date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 varnish
server
nginx
x-timer
S1663609031.629263,VS0,VE23
x-served-by
cache-yul12830-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.al.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
truncated
/ Frame 9C61
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e4947e4db7071a710fb9937063d28fa24f3bfdf7e354701ce9f0872adadc3a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13478065169671183227&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&pl=0&f=0&j=&t=1663609027954&de=551244607233&rx=201346368572&cu=1663609027954&m=2662&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5952&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1014%3A1014%3A0%3A1077&as=0&ag=106&an=0&gf=106&gg=0&ix=106&ic=106&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=106&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=211&cd=0&ah=211&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485967855%3A558038455%3A1719447535%3A138386336931&bo=343101415&bp=387187255&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&dfp=0%2C1&la=387187255&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200157&na=194075714&cs=0
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:10 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:10 GMT
jquery-1.8.2.min.js
static.advance.net/static/common/js/libs/ Frame 2A2A
91 KB
33 KB
Script
General
Full URL
https://static.advance.net/static/common/js/libs/jquery-1.8.2.min.js
Requested by
Host: realestate.al.com
URL: https://realestate.al.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_bama&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv0mYdod5uhBOc3jSvr9d9OgwijvZkEACy8JwV9CiPE0hyOvD9OevD8jl7cRTFiCKhyyUVXMkrzCuve-uZjaJBuLU0iYAqjMNWJanCWhXoi40wmwwuVR5q00mgUq-fBW9BhUT4A8eYNo0LIVPfX69VaB_Z-QP2LtvyCDOPcEjvm8l7bX62vp193J9WWhT55-ocpb78tb5MhRUKsHzHKmtPmpV9FV0zxrBolykDm8UQEPOP0Y6mHD9Vihhh7MLuQkM8JC0GhqvXhLDYFN9y7p0B9otXiB7VECP4k9JXpI1TQIejerurS5jPNvoronQ&sai=AMfl-YTsPe0IfGVQDzDTP4jS-0GB9Vb-pUZfCXD8xrbQLcojSfTYEL5eB_rqM1X7cJ-IlMchwvSsSQrRCCL0kIf5pxnO-L7wjd8iwFyl4LJTD4W6cXEPYUXSO-qJbCi7Hw0&sig=Cg0ArKJSzNSI4QHtPKzaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"cfa9051cc0b05eb519f1e16b2a6645d7"
x-shield-cache-expires
10
age
62
x-cache
HIT, HIT
access-control-max-age
3000
x-amz-request-id
4EDQSMAHQQ39G7DV
x-served-by
cache-iad-kiad7000101-IAD, cache-yul12832-YUL
last-modified
Mon, 07 Aug 2017 19:26:12 GMT
x-timer
S1663609031.673126,VS0,VE0
date
Mon, 19 Sep 2022 17:37:10 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
content-length
33434
modernizr-2.6.2.min.js
static.advance.net/static/common/js/libs/ Frame 2A2A
13 KB
6 KB
Script
General
Full URL
https://static.advance.net/static/common/js/libs/modernizr-2.6.2.min.js
Requested by
Host: realestate.al.com
URL: https://realestate.al.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_bama&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv0mYdod5uhBOc3jSvr9d9OgwijvZkEACy8JwV9CiPE0hyOvD9OevD8jl7cRTFiCKhyyUVXMkrzCuve-uZjaJBuLU0iYAqjMNWJanCWhXoi40wmwwuVR5q00mgUq-fBW9BhUT4A8eYNo0LIVPfX69VaB_Z-QP2LtvyCDOPcEjvm8l7bX62vp193J9WWhT55-ocpb78tb5MhRUKsHzHKmtPmpV9FV0zxrBolykDm8UQEPOP0Y6mHD9Vihhh7MLuQkM8JC0GhqvXhLDYFN9y7p0B9otXiB7VECP4k9JXpI1TQIejerurS5jPNvoronQ&sai=AMfl-YTsPe0IfGVQDzDTP4jS-0GB9Vb-pUZfCXD8xrbQLcojSfTYEL5eB_rqM1X7cJ-IlMchwvSsSQrRCCL0kIf5pxnO-L7wjd8iwFyl4LJTD4W6cXEPYUXSO-qJbCi7Hw0&sig=Cg0ArKJSzNSI4QHtPKzaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64099d5dc2b3db16074ee223048cefc171144ac08bac35abab300c1f6e2a4ca7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"f4ca648ec6fcabeeab7bad26492a11bd"
x-shield-cache-expires
10
age
170
x-cache
HIT, HIT
access-control-max-age
3000
x-amz-request-id
AAKN62PG4VK0A54Z
x-served-by
cache-iad-kcgs7200155-IAD, cache-yul12832-YUL
last-modified
Mon, 07 Aug 2017 19:26:12 GMT
x-timer
S1663609031.673112,VS0,VE0
date
Mon, 19 Sep 2022 17:37:10 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
content-length
5846
showcase-rectangle.css
static.advance.net/static/classifieds/realestate/css/ Frame 2A2A
3 KB
1 KB
Stylesheet
General
Full URL
https://static.advance.net/static/classifieds/realestate/css/showcase-rectangle.css
Requested by
Host: realestate.al.com
URL: https://realestate.al.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_bama&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv0mYdod5uhBOc3jSvr9d9OgwijvZkEACy8JwV9CiPE0hyOvD9OevD8jl7cRTFiCKhyyUVXMkrzCuve-uZjaJBuLU0iYAqjMNWJanCWhXoi40wmwwuVR5q00mgUq-fBW9BhUT4A8eYNo0LIVPfX69VaB_Z-QP2LtvyCDOPcEjvm8l7bX62vp193J9WWhT55-ocpb78tb5MhRUKsHzHKmtPmpV9FV0zxrBolykDm8UQEPOP0Y6mHD9Vihhh7MLuQkM8JC0GhqvXhLDYFN9y7p0B9otXiB7VECP4k9JXpI1TQIejerurS5jPNvoronQ&sai=AMfl-YTsPe0IfGVQDzDTP4jS-0GB9Vb-pUZfCXD8xrbQLcojSfTYEL5eB_rqM1X7cJ-IlMchwvSsSQrRCCL0kIf5pxnO-L7wjd8iwFyl4LJTD4W6cXEPYUXSO-qJbCi7Hw0&sig=Cg0ArKJSzNSI4QHtPKzaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40093933237cb4fb5b077344618f6d2ded4ee7c7346b4da9222a76d094f2d7ca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"5975610883850755d7ae5c6337798cde"
x-shield-cache-expires
10
age
96
x-cache
HIT, HIT
access-control-max-age
3000
x-amz-request-id
TW9C58MD2S8GF5DQ
x-served-by
cache-iad-kcgs7200089-IAD, cache-yul12832-YUL
last-modified
Fri, 25 Aug 2017 17:48:42 GMT
x-timer
S1663609031.672714,VS0,VE0
date
Mon, 19 Sep 2022 17:37:10 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=300
content-length
998
logo-tiny.png
static.advance.net/static/classifieds/shared/bama/img/ Frame 2A2A
1 KB
1 KB
Image
General
Full URL
https://static.advance.net/static/classifieds/shared/bama/img/logo-tiny.png
Requested by
Host: realestate.al.com
URL: https://realestate.al.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_bama&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv0mYdod5uhBOc3jSvr9d9OgwijvZkEACy8JwV9CiPE0hyOvD9OevD8jl7cRTFiCKhyyUVXMkrzCuve-uZjaJBuLU0iYAqjMNWJanCWhXoi40wmwwuVR5q00mgUq-fBW9BhUT4A8eYNo0LIVPfX69VaB_Z-QP2LtvyCDOPcEjvm8l7bX62vp193J9WWhT55-ocpb78tb5MhRUKsHzHKmtPmpV9FV0zxrBolykDm8UQEPOP0Y6mHD9Vihhh7MLuQkM8JC0GhqvXhLDYFN9y7p0B9otXiB7VECP4k9JXpI1TQIejerurS5jPNvoronQ&sai=AMfl-YTsPe0IfGVQDzDTP4jS-0GB9Vb-pUZfCXD8xrbQLcojSfTYEL5eB_rqM1X7cJ-IlMchwvSsSQrRCCL0kIf5pxnO-L7wjd8iwFyl4LJTD4W6cXEPYUXSO-qJbCi7Hw0&sig=Cg0ArKJSzNSI4QHtPKzaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef45bf257c039658ec85b1e9689b180583397ee6bd2f3f2faa6d29f420bbfd1a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
etag
"7a00772c717f698d2283699982f6d9e2"
x-shield-cache-expires
10
age
19133
x-cache
HIT, HIT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
H1GZPBP443WQT5PJ
x-served-by
cache-iad-kcgs7200162-IAD, cache-yul12832-YUL
last-modified
Wed, 23 Aug 2017 17:55:23 GMT
x-timer
S1663609031.673118,VS0,VE0
date
Mon, 19 Sep 2022 17:37:10 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
content-length
1289
452287235.jpg
images-re.al.com/images/bama/al_apartment_communities/mdControlled/ad_image/ Frame 2A2A
12 KB
12 KB
Image
General
Full URL
https://images-re.al.com/images/bama/al_apartment_communities/mdControlled/ad_image/452287235.jpg
Requested by
Host: realestate.al.com
URL: https://realestate.al.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_bama&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv0mYdod5uhBOc3jSvr9d9OgwijvZkEACy8JwV9CiPE0hyOvD9OevD8jl7cRTFiCKhyyUVXMkrzCuve-uZjaJBuLU0iYAqjMNWJanCWhXoi40wmwwuVR5q00mgUq-fBW9BhUT4A8eYNo0LIVPfX69VaB_Z-QP2LtvyCDOPcEjvm8l7bX62vp193J9WWhT55-ocpb78tb5MhRUKsHzHKmtPmpV9FV0zxrBolykDm8UQEPOP0Y6mHD9Vihhh7MLuQkM8JC0GhqvXhLDYFN9y7p0B9otXiB7VECP4k9JXpI1TQIejerurS5jPNvoronQ&sai=AMfl-YTsPe0IfGVQDzDTP4jS-0GB9Vb-pUZfCXD8xrbQLcojSfTYEL5eB_rqM1X7cJ-IlMchwvSsSQrRCCL0kIf5pxnO-L7wjd8iwFyl4LJTD4W6cXEPYUXSO-qJbCi7Hw0&sig=Cg0ArKJSzNSI4QHtPKzaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0e5f75737069b92366556f368840c2f2778d722ae369acb134fada124d3fd1d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
x-shield-cache-expires
10
last-modified
Mon, 07 Apr 2014 16:38:29 GMT
age
1073
etag
"3136-4f6767f4a6b40"
x-cache
HIT, HIT
content-type
image/jpeg
cache-control
x-timer
S1663609031.676056,VS0,VE1
content-length
12598
x-served-by
cache-iad-kiad7000107-IAD, cache-yul12832-YUL
238174758.gif
report-re.al.com/images/mdwtc/MDAPT_SITE/ Frame 2A2A
43 B
247 B
Image
General
Full URL
https://report-re.al.com/images/mdwtc/MDAPT_SITE/238174758.gif?com_id=563532391;mgmt_co_id=2566413;pc=484;
Requested by
Host: realestate.al.com
URL: https://realestate.al.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_bama&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv0mYdod5uhBOc3jSvr9d9OgwijvZkEACy8JwV9CiPE0hyOvD9OevD8jl7cRTFiCKhyyUVXMkrzCuve-uZjaJBuLU0iYAqjMNWJanCWhXoi40wmwwuVR5q00mgUq-fBW9BhUT4A8eYNo0LIVPfX69VaB_Z-QP2LtvyCDOPcEjvm8l7bX62vp193J9WWhT55-ocpb78tb5MhRUKsHzHKmtPmpV9FV0zxrBolykDm8UQEPOP0Y6mHD9Vihhh7MLuQkM8JC0GhqvXhLDYFN9y7p0B9otXiB7VECP4k9JXpI1TQIejerurS5jPNvoronQ&sai=AMfl-YTsPe0IfGVQDzDTP4jS-0GB9Vb-pUZfCXD8xrbQLcojSfTYEL5eB_rqM1X7cJ-IlMchwvSsSQrRCCL0kIf5pxnO-L7wjd8iwFyl4LJTD4W6cXEPYUXSO-qJbCi7Hw0&sig=Cg0ArKJSzNSI4QHtPKzaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
x-shield-cache-expires
0
last-modified
Mon, 02 Jun 2014 14:34:24 GMT
x-timer
S1663609031.675643,VS0,VE18
etag
"61ba3-2b-4fadb4aadbca6;4fadb4aae87eb"
x-served-by
cache-iad-kcgs7200061-IAD, cache-yul12832-YUL
x-cache
MISS, MISS
content-type
image/gif
cache-control
max-age=0, private
content-length
43
expires
Mon, 19 Sep 2022 17:38:34 GMT
prebid.js
vidstat.taboola.com/prebid/1.0.18/
124 KB
40 KB
Script
General
Full URL
https://vidstat.taboola.com/prebid/1.0.18/prebid.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0aa2a6b51271bc0c6fdcea8cfefc7a89c09eea960f83bc7c6e5fcd0c7d039052

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 5da360f23ca6a5d9a9a5e95b0b553be0.cloudfront.net (CloudFront), 1.1 varnish
age
614534
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
40521
x-served-by
cache-yul12830-YUL
last-modified
Sun, 06 Jun 2021 07:44:01 GMT
server
AmazonS3
x-timer
S1663609031.744909,VS0,VE0
etag
"6f31c88be8fd6352b1edf0b2ee62d447"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
1cH8YjhZmThXJ7ElWYedrxPA0OZ_RKctlmayFcp0El6FAZ4ZSLnwTA==
x-cache-hits
98787
10194785
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/10194785?_fw_gdpr=0&schain=1.0,1!taboola.com,1031841,1,199152718&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
5b7993df1ddabf2ffeb1a8954a73896a31ab1b8e87c4eaafe784fda75618abc3

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:10 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.al.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1663609030875035-318
si
googleads.g.doubleclick.net/pagead/drt/ Frame E42B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:37:10 GMT
expires
Mon, 19 Sep 2022 17:37:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:37:10 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
750 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
8133
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
VNuE79zGkuG1WkYkook/LzjO6m8khshs44k88xUnWQ3oapFOdrvCIvii4035AZYl3g9EnhgUwco=
x-served-by
cache-yul12830-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1663609031.825927,VS0,VE0
date
Mon, 19 Sep 2022 17:37:10 GMT
x-amz-request-id
JFXX7NJ7M2FJYZ6M
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
94
x-cache-hits
5904
276825503.jpg
classimage.advance.net/classifieds/classre/width245/img/images/bama/al_apartment_communities/mdControlled/ad_image/ Frame 2A2A
21 KB
21 KB
Image
General
Full URL
https://classimage.advance.net/classifieds/classre/width245/img/images/bama/al_apartment_communities/mdControlled/ad_image/276825503.jpg
Requested by
Host: 06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e9578cd7f56d410be192f1bd13e06fef70c7d9af1156b6c905d6dfbb1ef98318

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:10 GMT
x-shield-cache-expires
10
last-modified
Fri, 04 Nov 2011 18:04:25 GMT
age
18752
x-imginx-cache
MISS
etag
W/"4f34-4b0ec890ddc40"
x-cache
HIT, HIT
content-type
image/jpeg
expires
Wed, 07 Sep 2022 05:12:59 GMT
cache-control
max-age=86400
x-timer
S1663609031.881781,VS0,VE0
content-length
21129
x-served-by
cache-iad-kcgs7200144-IAD, cache-yul12832-YUL
opacitor.png
static.advance.net/static/classifieds/realestate/img/ Frame 2A2A
997 B
1 KB
Image
General
Full URL
https://static.advance.net/static/classifieds/realestate/img/opacitor.png
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/classifieds/realestate/css/showcase-rectangle.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
256b42d63146c599e22aa9f3da750cca15a444db46b7207d49fa58e1d1869a76

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.advance.net/static/classifieds/realestate/css/showcase-rectangle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
etag
"df0c44b81005f11b3043d296f4a2a488"
x-shield-cache-expires
10
age
22335
x-cache
HIT, HIT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
8K5735AQTX4Y2BQR
x-served-by
cache-iad-kcgs7200144-IAD, cache-yul12832-YUL
last-modified
Fri, 25 Aug 2017 17:52:25 GMT
x-timer
S1663609031.881752,VS0,VE0
date
Mon, 19 Sep 2022 17:37:10 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
content-length
997
view
securepubads.g.doubleclick.net/pcs/ Frame 2A2A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGjOMixvsN0OsNT96Ct1YzQYrolgGdklhSkzijBHHt5nlDI8bT5eSBbLOIm4JtxlWNVc384Od9DgSSWIUQUi4-C2uCIcfimUQhF-Uzzq9-fJAgvgWWr6zmqcV-EV1K50yYyVtKBvBRDgxyP3kMNV-fJHMbAawR_lH3AJQM0HlAoQOn8AawYkZDeYNq1qsBZO4_1tMeM-JIxxDyFXsh490UHFdszd4PqwVFlxs3z4gvJTCqxlug1x8p8JlsarMz50tEAG6zcI6NaLFq0Qi1WecqCJ6K1Z4IRDIIah-l-Y4GRHZD9PmAg2_VvevMwaNNQ6iF&sai=AMfl-YTb36CCWF2Z1jnRrrAY8D1D9k0KUsedN_l_C91Lc5dVSoe_RYkPD3yFvakYgr6905bYEQ6FS3LsmfAkjlcKSHfn8cRwVs8AxzN4XUi5dqpsqQYakhYtCyWg7AMUdl4&sig=Cg0ArKJSzIgQjUHpX25LEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Sep 2022 17:37:10 GMT
v1
prg.smartadserver.com/prebid/
835 B
2 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
86ffff422121296921a28989a93fe4870ddea168c11be08a1c78efbe5c3be07c

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:10 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.al.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
avjp
taboola-d.openx.net/v/1.0/
106 B
353 B
XHR
General
Full URL
https://taboola-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.al.com&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1663609030903&gdpr_consent=&gdpr=0&us_privacy=1---&schain=1.0%2C1!taboola.com%2C1031841%2C1%2C227501837%2C%2C&skippable=true&protocol=6&auid=543963954&vwd=1024&vht=576&vos=101&aumfs=600
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:10 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.al.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 2A2A
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2227c7750083e142d64b01a9b2bfbbc8ca99fd983fd6577dd3880867f09b0d44

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
pagead2.googlesyndication.com/bg/ Frame 90C6
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15932
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:22:55 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame E53C
342 KB
116 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1663609031.dop096.dc2.t,1663609031.cds001.dc2.shn,1663609031.cds001.dc2.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/
2 B
219 B
XHR
General
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.al.com
date
Mon, 19 Sep 2022 17:37:11 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/plain; charset=UTF-8
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.al.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.al.com
access-control-max-age
5
content-length
0
date
Mon, 19 Sep 2022 17:37:10 GMT
server
nginx
data
bcp.crwdcntrl.net/6/
172 B
546 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/958/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a90c97446825de8dff1e47f7b4895c260d2ad07e58b8defc820de1bc0cceb1b5

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.al.com
cache-control
no-cache
x-server
10.40.45.15
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
172
expires
0
115
check.analytics.rlcdn.com/check/
25 B
385 B
XHR
General
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-12.jfk50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
via
1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-amzn-requestid
672b7c22-ae0f-4740-9503-f24d236e54aa
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6328a8c7-28b1f51b05be475f029343df
x-amz-apigw-id
Yt9PME4wDoEFvZA=
content-length
25
x-amz-cf-id
-7LOtEXhe9y753O6kiLB98k-UHEQBaahD8AplvFJhgvvmMU4TTcnuQ==
i.png
trx-hub.com/i/m/
128 B
446 B
Image
General
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0AZ2oGMItEciQA5aihYgKYAK4QAFsj4AxaGBwBrAAQAhMACswykORBdKuAsQPjoAGxHEQ0avGrR70PqJBYWsGAA9Y9x2cnIngwa2oDSBhYMAAHWOocDGYDWLA8am9FdmoiAG1WRAscvikoWJZCAHoqlDqAOjD69kRKKpwhFiqAJgAGbu6q3oBOKrZobnEWAFoGOmmAI3swdilpyGnxBadplljECEssPDKZqRXlHZZEdiww2Y5qWK4eerLKS3cApxc3MSg4EhUOhsPgUiQALoUdhTCCtWA0OgpCixaCIBLQCAAT1gWGShBAAAUAEoAeUJAFFiQAVACasAAkgARdwwlhwmhwPF8egANyUOVgABYAIwAdgwwxiljACzAlCY0LxsRFPIw-JwgtFEuGrOV3R5MrlCvc12KuQJZQgFWqtQaTRabQ6wh6-UGIzGTkmMzmYEWy1W6wgm220F2+0Ox1O03O7EuYeut3uGEez24ODeEA+7movMSEG8WISfCwlFR1BYLHT7j+IDYnGrBMEwncEmksgJCiUak0Oj00KO+e8pYtID6A2mI2mIuG1PFhAAzGLCCKRfURQAOMUALXcaQyw8Oo4Ayl6iixVL7VEtqCspKpIKoAKqh1R7A5HE4QC+x+Nvm53JYl6pi8OCqNMD6WM0rTuFg3IEnBGAigAbMhC7ISMvQLquW63vA+hAA
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:25:06 GMT
via
1.1 3aa2aa1b7b816f70e94675c9a63f98d0.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
age
43926
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
128
x-amz-cf-id
93JqgEEh2EAs_Mz75JRfQT-HsVFQSPrk3eAl6XukMR1SMloUpePVxg==
i.png
trx-hub.com/i/x/
128 B
444 B
Image
General
Full URL
https://trx-hub.com/i/x/i.png?q=N4IgDglgJiBcIEMoDcEDsDGBTA+gFgEYB2KAThwQBsEAjBAWwRABoQJo43oCA2HgZh4AGUkP4ECADiJYEAMxYgAHtADOcUHIBOvAcNHipAVgDmNDJwAWAF2thVsAPSOA7m4B0AVxpYt7jAD29I5oWC6qWgFBjqpYGJ5aENYAngC0nmBQCNZYjiAAvvlAA
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:25:00 GMT
via
1.1 3aa2aa1b7b816f70e94675c9a63f98d0.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:42 GMT
server
AmazonS3
age
43932
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
128
x-amz-cf-id
Qnv-M7CmGleYG1f3NZttic1LWWcq6s8GpYoiksOPo_fQZ3CK9YaqqA==
activeview
pagead2.googlesyndication.com/pcs/ Frame 894C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGX3SSUIN2j6Hb4HopRgzy5ACI3YI_FPeqSYx8mxysUyIISZM-_WhKxRRFc3y3FH35rzV1KXUR1wyfy82YKywjajL_-4Z_A3QBoo8jFie5_zKuPQbD&sig=Cg0ArKJSzDnYZ8aq8BgAEAE&id=lidar2&mcvt=1008&p=655,975,905,1275&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220914&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1931124181&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663609029806&rpt=336&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame E53C
25 KB
25 KB
XHR
General
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1663609031298
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:11 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1663609031.dop043.dc2.t,1663609031.cds041.dc2.shn,1663609031.cds041.dc2.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.al.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a89c953af7787798e8f1a47f17567936&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e9e0e_7145146381475773380&gdpr=0&gdpr_consent=null
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YTg5Yzk1M2FmNzc4Nzc5OGU4ZjFhNDdmMTc1Njc5MzY=&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENQj-57RLqCqDR90KS-epXo&google_cver=1&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=53ce5430-0132-4e50-8142-31f223e51f5c
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/a89c953af7787798e8f1a47f17567936?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-8bBw6JhE2oMEK6OFmjj9nOgvkwy50u8miOK_bOhf~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2310414087477230896
  • https://usersync.octillion.tv/fw?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554&userId=833f3fee-d83a-406c-bbbf-66bb03a30baf
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAEssk7GUVIAAA8DoQQBHw&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=2XVuaw5n1OAkHK5&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3416866980725250136
0
0

/
ads.stickyadstv.com/additional-scripts/ Frame E53C
301 B
1 KB
XHR
General
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=10194785&loc=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:11 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://www.al.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1663609031364083-315
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame E53C
67 B
0
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=10194785&_fw_gdpr=0&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1031841%2C1%2C199152718&vav=7ced3ffe753f23af1ba7b49ea204c57c&vaviv=23718391dfe481df3a98d7c887a7392d&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&playerSize=300x168&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:11 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.al.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1663609031390081-106
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YTg5Yzk1M2FmNzc4Nzc5OGU4ZjFhNDdmMTc1Njc5MzY=&gdpr=0&gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YTg5Yzk1M2FmNzc4Nzc5OGU4ZjFhNDdmMTc1Njc5MzY=&gdpr=0&gdpr_consent=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:11 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YTg5Yzk1M2FmNzc4Nzc5OGU4ZjFhNDdmMTc1Njc5MzY=&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1663609031399099-283
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=a89c953af7787798e8f1a47f17567936&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=a89c953af7787798e8f1a47f17567936&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:11 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
QHW4A6KJ3GYQDVAKAAJZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:11 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=a89c953af7787798e8f1a47f17567936&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1663609031422021-138
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 92ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891V243-1U-3PG3
0
51 B
Image
General
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891V243-1U-3PG3
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Mon, 19 Sep 2022 17:37:11 GMT
via
1.1 varnish
server
nginx
x-timer
S1663609032.545170,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-yul12830-YUL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891V243-1U-3PG3
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 92ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEECAsyhj-RPKLnfLianzXVs&google_cver=1
0
56 B
Image
General
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEECAsyhj-RPKLnfLianzXVs&google_cver=1
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Mon, 19 Sep 2022 17:37:11 GMT
via
1.1 varnish
server
nginx
x-timer
S1663609031.485226,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12830-YUL

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEECAsyhj-RPKLnfLianzXVs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 92ED
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44:$UID
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 92ED
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
date
Mon, 19 Sep 2022 17:37:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18076
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 92ED
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=53ce5430-0132-4e50-8142-31f223e51f5c
0
207 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=53ce5430-0132-4e50-8142-31f223e51f5c
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Mon, 19 Sep 2022 17:37:11 GMT
via
1.1 varnish
server
nginx
x-timer
S1663609031.468715,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12830-YUL

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=53ce5430-0132-4e50-8142-31f223e51f5c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 92ED
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=42&3pid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
HTTP/1.1
Server
23.92.190.68 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 92ED
49 B
729 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-75d8c985f8-2xhn7
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 92ED
43 B
438 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&gdpr=0&gdpr_consent=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 92ED
43 B
120 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d41&uid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.209.207.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-207-157.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
content-length
43
x-nosync
emp
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 92ED
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f03674c7-8eff-49f4-9a78-0f9fbe12a0cd
0
230 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f03674c7-8eff-49f4-9a78-0f9fbe12a0cd
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19469

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f03674c7-8eff-49f4-9a78-0f9fbe12a0cd
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1838793
content-length
0
expires
Mon, 19 Sep 2022 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 92ED
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/6/2.gif?puid=2310414087477230896&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOtC72GwTRi2Vgl8FuK_ZnzHLvrBrALsx1cJ7Qsg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/5/3.gif?puid=21b96328-a8c6-4500-bdea-f3c8e6e4e659&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=53ce5430-0132-4e50-8142-31f223e51f5c&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/3/5.gif?puid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/2/6.gif?puid=c74b38b7-d1e4-43aa-8616-b98732a9e0f8&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/464/108/1/7.gif?puid=93d134d0-5ea6-4555-89d7-3af0e4421845&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/0/8.gif?puid=995FF7604E9376A8&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOtC72GwTRi2Vgl8FuK_ZnzHLvrBrALsx1cJ7Qsg
0
230 B
Image
General
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOtC72GwTRi2Vgl8FuK_ZnzHLvrBrALsx1cJ7Qsg
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:12 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25384

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOtC72GwTRi2Vgl8FuK_ZnzHLvrBrALsx1cJ7Qsg
date
Mon, 19 Sep 2022 17:37:12 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 92ED
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=taboola&bsw=eb973ce3-3ff4-4fa3-978c-ae04286c1b1c
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=taboola&bsw=eb973ce3-3ff4-4fa3-978c-ae04286c1b1c&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=Y2U3MmJkMTJjNjM2ZTZl&gdpr=0&gdpr_consent=&us_privacy=&ssp=taboola&bsw_param=eb973ce3-3ff4-4fa3-978c-ae04286c1b1c
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=19664485-99ac-4cb7-83c9-5ab210ec6836
0
230 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=19664485-99ac-4cb7-83c9-5ab210ec6836
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
26462

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=19664485-99ac-4cb7-83c9-5ab210ec6836
Date
Mon, 19 Sep 2022 17:37:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 92ED
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=42040130-a175-487a-b818-5a0c5dc976ef
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=42040130-a175-487a-b818-5a0c5dc976ef&tbid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&query=taboola_hm%3D42040130-a175-...
0
53 B
Image
General
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=42040130-a175-487a-b818-5a0c5dc976ef&tbid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&query=taboola_hm%3D42040130-a175-487a-b818-5a0c5dc976ef&isDirect=0
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
via
1.1 varnish
server
nginx
x-timer
S1663609032.741525,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12830-YUL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=42040130-a175-487a-b818-5a0c5dc976ef&tbid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&query=taboola_hm%3D42040130-a175-487a-b818-5a0c5dc976ef&isDirect=0
date
Mon, 19 Sep 2022 17:37:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27654
sd
u.openx.net/w/1.0/ Frame 92ED
43 B
61 B
Image
General
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&gdpr=0&gdpr_consent=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 92ED
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Mon, 19 Sep 2022 17:37:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 92ED
49 B
342 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
7
content-type
image/gif
content-length
49
expires
0
/
s.uuidksinc.net/match/1135/ Frame 92ED
0
46 B
Image
General
Full URL
https://s.uuidksinc.net/match/1135/?remote_uid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
server
nginx/1.19.0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 92ED
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WM31tb0ERJpr3rCeZHweRZU4mbU
0
221 B
Image
General
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WM31tb0ERJpr3rCeZHweRZU4mbU
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22608

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WM31tb0ERJpr3rCeZHweRZU4mbU
Date
Mon, 19 Sep 2022 17:37:11 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 92ED
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=453&user_id=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44&gdpr=0&gdpr_consent=&us_privacy=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19664485-99ac-4cb7-83c9-5ab210ec6836&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
244 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19664485-99ac-4cb7-83c9-5ab210ec6836&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:07:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19664485-99ac-4cb7-83c9-5ab210ec6836&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 17:37:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
t.adx.opera.com/ Frame 92ED
35 B
463 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 92ED
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3718af82-324d-48d8-9998-786e2c576cfc
0
230 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3718af82-324d-48d8-9998-786e2c576cfc
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18066

Redirect headers

date
Mon, 19 Sep 2022 17:37:11 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3718af82-324d-48d8-9998-786e2c576cfc
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cds-pips.js
cdn.taboola.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
NrP0zRqJgdqCAFOGjLJOgaX1BFZQx8TJ
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
2131
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
E043v4cAlJxnnSXL9R3tp+CFTXw996vLrBDS3tyutnboFiGdeMV2jjChDnaXkTKEN54QsI6IDoo=
x-served-by
cache-yul12830-YUL
last-modified
Thu, 15 Sep 2022 14:11:45 GMT
server
AmazonS3
x-timer
S1663609031.445456,VS0,VE0
date
Mon, 19 Sep 2022 17:37:11 GMT
vary
Accept-Encoding
x-amz-request-id
158FYBNJ3HNDCNTT
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
94
x-cache-hits
11509
/
pips.taboola.com/
4 B
119 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12833-YUL
access-control-allow-methods
GET
access-control-allow-origin
https://www.al.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 17:37:11 GMT
cache-control
no-store
server
nginx
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&pl=0&f=0&j=&t=1663609027954&de=551244607233&rx=201346368572&cu=1663609027954&m=3626&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5966&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1014%3A1014%3A0%3A1077&as=1&ag=1072&an=106&gi=1&gf=1072&gg=106&ix=1072&ic=1072&ez=1&ck=1072&kw=972&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1072&bx=106&ci=1072&jz=972&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=972&cd=211&ah=972&am=211&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485967855%3A558038455%3A1719447535%3A138386336931&bo=343101415&bp=387187255&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&dfp=0%2C1&la=387187255&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200157&na=1916655206&cs=0
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:11 GMT
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&pl=0&f=0&j=&t=1663609027954&de=551244607233&rx=201346368572&cu=1663609027954&m=3627&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5966&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1014%3A1014%3A0%3A1077&as=1&ag=1072&an=1072&gi=1&gf=1072&gg=1072&ix=1072&ic=1072&ez=1&ck=1072&kw=972&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1072&bx=1072&ci=1072&jz=972&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=972&cd=972&ah=972&am=972&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485967855%3A558038455%3A1719447535%3A138386336931&bo=343101415&bp=387187255&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&dfp=0%2C1&la=387187255&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200157&na=1326149522&cs=0
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:11 GMT
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&pl=0&f=0&j=&t=1663609027954&de=551244607233&rx=201346368572&cu=1663609027954&m=3628&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5966&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1014%3A1014%3A0%3A1077&as=1&ag=1072&an=1072&gi=1&gf=1072&gg=1072&ix=1072&ic=1072&ez=1&ck=1072&kw=972&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1072&bx=1072&ci=1072&jz=972&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=972&cd=972&ah=972&am=972&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1485967855%3A558038455%3A1719447535%3A138386336931&bo=343101415&bp=387187255&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&dfp=0%2C1&la=387187255&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200157&na=558668654&cs=0
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:11 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9C61
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQ8iWVmQJLeahLf3peI1FMLgP2pZqkdpPAVmWYAjnSrXZlngDwohH5DLLnJShy-xguIZFF5z2vooIap_5Cvm4ZHAxbFOk6W8IFCuIuTr_Tkx50G0FicS4FrHCglOM1hVEhFEk&sai=AMfl-YRfJYhf4LUX1R4kr9CKPQjKkQ2B9gzplrd3bM0EFNYoSHh7JGW_vVcZTFtMRSU_xfZChr_o0r4HAUlCkzvta_y6Qq9Wltq6y-sNjaWLQrJrNxOKkiM4LPf-x3V8&sig=Cg0ArKJSzIMYxD6C__6VEAE&cid=CAASFeRoL_jfpDj315O3G7kaCijPk9LG_w&id=lidar2&mcvt=1001&p=89,315,339,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=443498825&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663609029802&rpt=977&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9A08
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1663609027954&de=955932410032&rx=201346368572&m=0&ar=5aeef158bee-clean&iw=f009e8a&q=3&cb=0&cu=1663609027954&ll=2&lm=0&ln=0&em=0&en=0&d=al.com%3ASerious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&pe=1%3A1014%3A1014%3A0%3A1077&fs=200157&na=1816387203&cs=0
Requested by
Host: www.al.com
URL: https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:12 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/958/
26 KB
4 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/958/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/958/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8051f3eb7b146bdfd1156266a2947c7361e2d9546fa39f4c86cc06d869cd877

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 09:48:54 GMT
content-encoding
gzip
age
28099
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 19 Jul 2022 16:16:15 GMT
server
AmazonS3
etag
W/"5f1caf5b5ed07225c2bf7016429a9c40"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
JFK50-P4
x-amz-cf-id
8PTWeBD-W-ryfo4nhDdzrz9QCeOwp83y_1oR-6lv6g3ggBrm9vimyw==
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0949fd61389cf16da9e70430934ef817fe65b3e53209b9717f8f5f2e68d4a626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11156
x-xss-protection
0
up
insight.adsrvr.org/track/ Frame 4338
885 B
1 KB
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&upid=2p68cyo&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
82859be1e152f2a630f200c7126f9d735d5090ff4db0bdd77b76ac9c0e3e4adf

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 17:37:12 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.al.com%2F%2Fnews%2F2022%2F09%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1663609027954&de=955932410032&rx=201346368572&cu=1663609027954&m=4750&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5966&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1014%3A1014%3A0%3A1077&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=al.com%3ASerious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200157&na=32409014&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:37:12 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 4338
487 B
964 B
Script
General
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&upid=2p68cyo&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-31.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 00:26:19 GMT
Via
1.1 64aebd154b6045af00c94ad9d2ff49f2.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
61854
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
9-lE-Od5M2J-B-WZlqTzMoGaeQjvtW9FV-Mo8liS15Ak9EinXrS3XA==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 76D5
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
96200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 14:53:52 GMT
expires
Mon, 18 Sep 2023 14:53:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FC47
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fea9e92be4b23ac73187ac204d5d12c0b6aca8c11961784692947b408bb869a6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RRFZkM4UkbMMbr-kiL7tqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-RRFZkM4UkbMMbr-kiL7tqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:37:12 GMT
expires
Mon, 19 Sep 2022 17:37:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ibs:dpid=903&dpuuid=53ce5430-0132-4e50-8142-31f223e51f5c
dpm.demdex.net/ Frame C20E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=53ce5430-0132-4e50-8142-31f223e51f5c
42 B
942 B
Document
General
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=53ce5430-0132-4e50-8142-31f223e51f5c
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Content-Type
image/gif
DCS
dcs-prod-usw2-1-v038-0825ad0be.edge-usw2.demdex.com 2 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
HXCvJjqMSFU=
content-encoding
gzip

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
189
content-type
text/html
date
Mon, 19 Sep 2022 17:37:13 GMT
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=53ce5430-0132-4e50-8142-31f223e51f5c
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usermatch.gif
beacon.krxd.net/ Frame DD65
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=53ce5430-0132-4e50-8142-31f223e51f5c
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=PFraC96M&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=53ce5430-0132-4e50-8142-31f223e51f5c
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=53ce5430-0132-4e50-8142-31f223e51f5c
0
0
Document
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=53ce5430-0132-4e50-8142-31f223e51f5c
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.122.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-122-29.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-cache, no-store
date
Mon, 19 Sep 2022 17:37:12 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-request-time
D=32 t=1663609032
x-served-by
beacon-n023-ash-prod.krxd.net

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
227
content-type
text/html
date
Mon, 19 Sep 2022 17:37:12 GMT
location
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=53ce5430-0132-4e50-8142-31f223e51f5c
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
5386
tags.bluekai.com/site/ Frame C94D
Redirect Chain
  • https://tags.bluekai.com/site/5386?id=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=
62 B
470 B
Document
General
Full URL
https://tags.bluekai.com/site/5386?id=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Mon, 19 Sep 2022 17:37:13 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
221
content-type
text/html
date
Mon, 19 Sep 2022 17:37:13 GMT
location
https://tags.bluekai.com/site/5386?id=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
pagead2.googlesyndication.com/bg/ Frame 76D5
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15932
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:22:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FC47
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091501&jk=1565491691461689&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

results.txt
su4jtnlipz2kgyzivdeq-pyypxn-f014c1453-clientnsv4-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pyypxnd1e
  • https://su4jtnlipz2kgyzivdeq-pyypxn-f014c1453-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://su4jtnlipz2kgyzivdeq-pyypxn-f014c1453-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
104.126.116.163 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-116-163.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:13 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://su4jtnlipz2kgyzivdeq-pyypxn-f014c1453-clientnsv4-s.akamaihd.net/eum/results.txt
Date
Mon, 19 Sep 2022 17:37:13 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
results.txt
eydvgaaamb4gojqacqnqaeyaabrsrkgj-pyypxn-9aab142cf-clienttons-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pyypxnd1e
  • https://eydvgaaamb4gojqacqnqaeyaabrsrkgj-pyypxn-9aab142cf-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://eydvgaaamb4gojqacqnqaeyaabrsrkgj-pyypxn-9aab142cf-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2600:141b:13::17d7:82da New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:13 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://eydvgaaamb4gojqacqnqaeyaabrsrkgj-pyypxn-9aab142cf-clienttons-s.akamaihd.net/eum/results.txt
Date
Mon, 19 Sep 2022 17:37:13 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
generate_204
tpc.googlesyndication.com/ Frame 76D5
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?6-7pow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
68794905.akstat.io/
0
199 B
Ping
General
Full URL
https://68794905.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/YEHML-2MP5A-4ERAH-85V5H-86WT5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:5000:698::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:13 GMT
content-type
image/gif
access-control-allow-origin
https://www.al.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:37:13 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091501&jk=1565491691461689&bg=!Tk2lTQnNAAZqQh0mSkI7ACkAdvg8WlMP-mgk1QKPrCoyj8GuJKZeohlqZC9muITPm1_lyuhUlgbTPAIAAACbUgAAAAJoAQcKABIdiWDcTZeSqM4PMCrxRsrLIHuZAprowsSXNpSVSNyY9qwN6slsDhYzbN5wie3ff8s720bcrs2WPzFEz3Q7shPYqtO6-D4R4Uu3rpLUN31deEtfOANxHYBDCiRgePbfIL9p4amgQ-g7eatDY2EGriBcP53JA4xV76GAQAm9mghpR9AVCJWGxL_Bfa3wfVV2vOC9jENCrpg33ZEjK2xvQzUN5Lm5KPQE-2DOcEn33ttA12hktVLHuEdR2WG3ipTkZ6YV4oji4allXSyKhBrKvYB_495ivlL9TZNEWl1P3o7_hRIU4M__cWmfrnrZ93_tqGIYaUtHkPRIYaDDbl1sGO1a_xEdwhfkn3TnTuum7Vt-ec78_EhJe2AsGaiIQuvOtwi4mlTwcjL_om06x7HisztCLJCCXkAsYAcZ29d-fcy5MFFjJltnvioM1KLhmnlncb0c49h815lKe2fpnhbvsn_l5yLToRMuvp9xaJJSuMBoQwrC7uUBwmFaG-5uth6udkMnWKNNP8JSfuU2YVZoOdI9ibcfqlTm0Cfkmt7MCzpbdAHQk4P0Ytnkkdv6ovOUFQpn1OJGhX0CHbzfNBRkSL3j2KztVobbO0-MxPrEmnhWt_RhT6o9bCvwUQZNWRQ4CFJLTOU-Oad8WcL9QSLYBcXcEN3gT2RXmoYYPwhqfMbQzBaWlLehbzR1JKhI6edgZzF9HpdcTWDWjtdldaV_czd38xORGtkPXh0n9Tbc4sqeNoFkkbLwmsjj2pctG_68SN2zxLVhU6iNvivRzYO2maD-1qe9iQuzTmBAdaj7kI6-39oTUhgezX4iauCC5AepceC4fl65kkC0g49e3GgvUyVk6K3_r1Pqqqk_WOadl_-HAFflMaF_wlMm8R0GTCKJYPJP2KlFMDrHwOStS_kXhig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Q2GF9K551G&gtm=2oe9e0&_p=2078583571&cid=1987971981.1663609028&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&dt=Serious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception&dl=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&sid=1663609028&sct=1&seg=0&en=ad_impression&ep.headline=serious%20data%20breach%20at%20uber%20spotlights%20hacker%20social%20deception&ep.author=%5Bfrank%20bajak%5D&ep.entry_id=3VY6E76V2VCKXMBJLSKSVLT75Y&ep.page_type=cal&ep.product=cal&ep.platform=desktop&ep.page_path=%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&ep.custom_type=taboola&ep.custom_location=rightrail&_et=501
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q2GF9K551G&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.al.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
envelope
lexicon.33across.com/v1/
49 B
293 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:14 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.al.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
expires
Sat, 26 Jul 1997 05:00:00 GMT
392.json
id5-sync.com/g/v2/
451 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
663a701b87d56613c41984525c4bd7b911c1c7b098fc2ecbc001d35d3479afa8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:13 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
id
id.crwdcntrl.net/
154 B
821 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ee4d81e9cfb365c75b7a5c452d7830798b4add10af88b7a59d1f3e695984fbaf

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.al.com
cache-control
no-cache
x-server
10.40.5.155
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
envelope
api.rlcdn.com/api/identity/
0
250 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4D8D
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=120042
content-encoding
gzip
content-length
5549
content-type
text/html
date
Mon, 19 Sep 2022 17:37:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 21 Sep 2022 02:57:56 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
usync.html
eus.rubiconproject.com/ Frame 049F
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:37:14 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 449C
35 KB
12 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.8.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-8-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3f473ed581c0220e1999f8a79cc7e2d8c19bfb3cca2ccfa8be5cd5195edf5f90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=151373
content-encoding
gzip
content-length
11835
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 17:37:14 GMT
expires
Wed, 21 Sep 2022 11:40:07 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 55E5
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-248.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:37:14 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 4D8D
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72208183&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8044f344c7f9461a9de3043e4940aef037f9f060b31c0a17f3cabd46ba572770

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:14 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 049F
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c948008e85bad263dc49df013408d09c061b0833fa4f502ed1c743dd5f313044

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56252
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Tue, 20 Sep 2022 09:14:46 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 825E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFc3NrN0dVVklBQUE4RG9RUUJIdw&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAEssk7GUVIAAA8DoQQBHw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEssk7GUVIAAA8DoQQBHw
42 B
199 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEssk7GUVIAAA8DoQQBHw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 17:37:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 17:37:14 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEssk7GUVIAAA8DoQQBHw
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2A7B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:21b96328-a8c6-4500-bdea-f3c8e6e4e659&gdpr=0&gdpr_consent=
42 B
404 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:21b96328-a8c6-4500-bdea-f3c8e6e4e659&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 17:37:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 19 Sep 2022 17:37:14 GMT
Expires
Mon, 19 Sep 2022 17:37:13 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master ord-pixel-x19 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:21b96328-a8c6-4500-bdea-f3c8e6e4e659&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 7473
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b2eb0008-3841-11ed-87e1-92a75f8dcbdf
42 B
243 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b2eb0008-3841-11ed-87e1-92a75f8dcbdf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 17:37:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 19 Sep 2022 17:37:14 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b2eb0008-3841-11ed-87e1-92a75f8dcbdf
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-10
server
Cowboy
141
match.deepintent.com/usersync/ Frame 83BE
0
222 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Mon, 19 Sep 2022 17:37:14 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
mw
mwzeom.zeotap.com/ Frame 4D8D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=7DB2CA13-E8A7-4FDA-984A-416FFC946F59
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=53ce5430-0132-4e50-8142-31f223e51f5c&icm&gdpr=0&gdpr_consent=&cver
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=855c8a0f357663e2f8be05b4799443b5&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=350f887d26913a07
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a1755465-5f12-42b2-7fc2-c06014fc944d&reqId=fb098be2-9db9-402e-5b2a-8ca38e6257c9&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENMPywdULlOXDmBSicKBC1I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a1755465-5f12-42b2-7fc2-c06014fc944d&reqId=fb098be2-9db9-402e-5b2a-8ca...
95 B
163 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESENMPywdULlOXDmBSicKBC1I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a1755465-5f12-42b2-7fc2-c06014fc944d&reqId=fb098be2-9db9-402e-5b2a-8ca38e6257c9&zcluid=350f887d26913a07&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
74d416a3ad924bb9-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESENMPywdULlOXDmBSicKBC1I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a1755465-5f12-42b2-7fc2-c06014fc944d&reqId=fb098be2-9db9-402e-5b2a-8ca38e6257c9&zcluid=350f887d26913a07&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 4D8D
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&addseg=10,33,39
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&addseg=10,33,39
Protocol
H2
Server
8.28.7.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date
Mon, 19 Sep 2022 17:37:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info
uipglob.semasio.net/pubmatic/1/ Frame 4D8D
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:14 GMT
Frontend-ID
9
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 4D8D
43 B
656 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-100.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
via
1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
sZTOTDTtJq6hPrETHjQg6-oeC3ZjqYzhbyustmwhIyBuPSgIFaolTw==
expires
0
7DB2CA13-E8A7-4FDA-984A-416FFC946F59
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4D8D
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7DB2CA13-E8A7-4FDA-984A-416FFC946F59?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:50cb:1c19:c33a:f836 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:14 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 4D8D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KH8nuEdE2uUBgp9p01k0S6yNCCXQs4E-~A&gdpr=0&gdpr_consent=
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KH8nuEdE2uUBgp9p01k0S6yNCCXQs4E-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KH8nuEdE2uUBgp9p01k0S6yNCCXQs4E-~A&gdpr=0&gdpr_consent=
date
Mon, 19 Sep 2022 17:37:14 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 4D8D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=61a4c8ac-ec38-474c-a4f1-e44ea2a94d83&gdpr=0&gdpr_consent=
1 B
235 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=61a4c8ac-ec38-474c-a4f1-e44ea2a94d83&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=61a4c8ac-ec38-474c-a4f1-e44ea2a94d83&gdpr=0&gdpr_consent=
Date
Mon, 19 Sep 2022 17:37:14 GMT
X-CI-RTID
b77e77f2-da79-48d8-be02-473b3be4eccd
Connection
keep-alive
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame 4D8D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2310414087477230896&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2310414087477230896&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:07:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:14 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e27e1833-0bde-428e-b46f-dfb6499a8450
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2310414087477230896&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4D8D
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3044100e90a6052c&is_secure=true&networkId=17100&version=1&nuid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB1mcxzU5hdgMk6AFJAAAAAAA&expiration=1663695434&nuid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&...
42 B
285 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB1mcxzU5hdgMk6AFJAAAAAAA&expiration=1663695434&nuid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB1mcxzU5hdgMk6AFJAAAAAAA&expiration=1663695434&nuid=7DB2CA13-E8A7-4FDA-984A-416FFC946F59&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 4D8D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4a9a03a5-8298-4e48-ad99-826f2dfe69df-6328a8ca-4341&gdpr=0&gdpr_consent=
42 B
296 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4a9a03a5-8298-4e48-ad99-826f2dfe69df-6328a8ca-4341&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:13 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4a9a03a5-8298-4e48-ad99-826f2dfe69df-6328a8ca-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 23CF
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34d317242bf8d2371b8546c7b9e153c94dab38206fd11344c4bb51aeef412d98

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d41690c864a20a-YYZ
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 17:37:14 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vtBnUaLjS4keEMsm%2BYyZ8qjDFk1hW1dfQEQhFhlPXbE9VRvSz7Bd2YR7LZLvmsxmFRE%2BbradAoHf9Sp8Eohi%2B%2FpmteC2slLP56VxbYjHzEAKlFsPF2Rlgkj1ga1Pr4fI5O1uwXm2lcCWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatchredir
ssum-sec.casalemedia.com/ Frame 23CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyioxYRn5thDcSzcHKUNIQAAAA4AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAqM6N-m17sA0R-J22c9Yok&google_cver=1
43 B
839 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAqM6N-m17sA0R-J22c9Yok&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d416919a2fa20a-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IffQIZYSS1Q7aQk9hH1m4GMJ83TNt847eo0B4fXzO5nuk5Z7aTISJ8hCoR1UqcHpBLAdrtULFl%2FsY4%2BAd3Jag6hPTI3jKn7uKtJMR1AVS4X3eSOUPdbWyQM7GbbbC4OSRcJJ4yCxjW8cgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAqM6N-m17sA0R-J22c9Yok&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 23CF
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyioxYRn5thDcSzcHKUNIQAAAA4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:14 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
R5KW5XNCMBKMB71GJMCH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 23CF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyioxYRn5thDcSzcHKUNIQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOTrhyV7UKOLo6_MI7ZDAm8&google_cver=1
43 B
847 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOTrhyV7UKOLo6_MI7ZDAm8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d41692788c3fcd-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqF%2FxSqqa68YfVj295xCWfV1I8oaLAZLsZ%2Bvlm8HxCRWus1PjCykqONEaIxGTRQjWS0%2BVdgPvT2gBWQDeP%2B6jDZbz3ZID2Lwc99%2BOwNgw3FPmbzJRYN4Zlq9Bhf5hESPbsFemAgHARn%2Fgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOTrhyV7UKOLo6_MI7ZDAm8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 23CF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=53ce5430-0132-4e50-8142-31f223e51f5c&expiration=1666201034&gdpr=0&gdpr_consent=
43 B
430 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=53ce5430-0132-4e50-8142-31f223e51f5c&expiration=1666201034&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d416919ceba24d-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rise3NHCWtTkg33qxiwrKg1GF%2B6cX%2FGhAdLosnfZLWTG1L07YOxK5cL9nbHXQa6djRaXlGs%2BM7q2pjgPj4LtYn2H9jMRlx8BXWk5aUulGi%2BVOdB5YmQXZOkVHQ9xETdQQuQKghZNb2jOPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=53ce5430-0132-4e50-8142-31f223e51f5c&expiration=1666201034&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum.casalemedia.com/ Frame 23CF
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_13b1e1fcee524ff2889de
43 B
873 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_13b1e1fcee524ff2889de
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d416920fd5a223-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmYqj0cggv%2BZq1Yso76iA6a6czz5ozow1l%2BWyl4K%2BhnfOwTGCEy9m5jMb8X9ED8ANpgMhK%2BWsbFlXYAx2KobdHo0LFwuEsius7wAPpOqdb%2BLPKOaurM%2F9owtPLA7HPepbyr%2FZw8H"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_13b1e1fcee524ff2889de
date
Mon, 19 Sep 2022 17:37:14 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum-sec.casalemedia.com/ Frame 23CF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21b96328-a8c6-4500-bdea-f3c8e6e4e659
43 B
420 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21b96328-a8c6-4500-bdea-f3c8e6e4e659
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d416919ceaa24d-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiXXke6dGhcp7gCrOHQmbsUlYPD68jWn23TEZwjytEJvHmLnjG%2F4ukz7WHUI6rvL1GLx0y%2FQFZjsG7tk5eQnhxkXNofA%2FYA9L0qfe6DiR9OSCTfNS3%2Bx5ABbrhQDe9mikaz%2BNOLdyaVyVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 19 Sep 2022 17:37:14 GMT
Server
MT3 4505 5b23575 master ord-pixel-x48 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21b96328-a8c6-4500-bdea-f3c8e6e4e659
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 17:37:13 GMT
rum
dsum-sec.casalemedia.com/ Frame 23CF
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=102b1551-9a33-48fb-8d43-0e5e1e1a6ed4&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
883 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=102b1551-9a33-48fb-8d43-0e5e1e1a6ed4&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d41692788b3fcd-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FcHATmeUb8ogWqgQUye%2B2oZ%2BweqnG8%2BakGlTBWEFdrpat1TqwRBC097bGKABBW3spA%2B6Pgh6nk0lsAR5S%2ByYsN2tY%2F0ot0OozWmVjMP1ZADqu1YXkdUlinHWPSdAg3MVzfCjXuoQ7%2Bn%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=102b1551-9a33-48fb-8d43-0e5e1e1a6ed4&us_privacy=null&gdpr_consent=null&gdpr=null
date
Mon, 19 Sep 2022 17:37:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d416918c6d7139-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 23CF
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D%28OIQ_UUID%29
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7168954341770100695&uid=Q7168954341770100695&ref=%2Feucm%2Fp%2Fcc
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168954341770100695
43 B
843 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168954341770100695
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d41692788e3fcd-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCz7AMZRz%2BTuVXBFvijgUOKA%2FgRdqDV2W2YgSZnpHb5WF%2BKhPWai0LYXej4hw3NtXJamhMRgsohkO422z6aSXqi7ouhnHYs4yEBFo2yxiOciYW8Vin%2BlvaSbTehnCJG%2BPNRYCUQcOgQgBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 19 Sep 2022 17:37:14 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168954341770100695
Cache-Control
max-age=60890
Connection
keep-alive
Content-Type
text/html
Content-Length
154
htw-pixel.gif
cdn.indexww.com/ht/ Frame 23CF
43 B
351 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YyioxYRn5thDcSzcHKUNIQAA%26014
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d416919c7eca6f-YUL
date
Mon, 19 Sep 2022 17:37:14 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
191
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 19 Sep 2022 21:37:14 GMT
pixel
cm.g.doubleclick.net/ Frame 049F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MVYyNDMtMVUtM1BHMw==&us_privacy=1---
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MVYyNDMtMVUtM1BHMw==&us_privacy=1---
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MVYyNDMtMVUtM1BHMw==&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 049F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=&expires=30
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=53ce5430-0132-4e50-8142-31f223e51f5c&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 049F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xt0JX1tCSXyRueuSVTENDA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xt0JX1tCSXyRueuSVTENDA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xt0JX1tCSXyRueuSVTENDA
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:14 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
2JGTKKEZ3B2MV40NZ399
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xt0JX1tCSXyRueuSVTENDA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 049F
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:14 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
RQBB7A7X8NYB72N9C275
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 049F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFIcAkXEHI325lr-ZHCxYzU&google_cver=1
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFIcAkXEHI325lr-ZHCxYzU&google_cver=1
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFIcAkXEHI325lr-ZHCxYzU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 049F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWFlMjViZGU5YzUxNGNiYzk5M2NmNDEwYWRiOGQwNzIwNDQ4YzFmNg&us_privacy=1---
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWFlMjViZGU5YzUxNGNiYzk5M2NmNDEwYWRiOGQwNzIwNDQ4YzFmNg&us_privacy=1---
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWFlMjViZGU5YzUxNGNiYzk5M2NmNDEwYWRiOGQwNzIwNDQ4YzFmNg&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 049F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L891V243-1U-3PG3&us_privacy=1---
0
144 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L891V243-1U-3PG3&us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:14 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2BEF241821434329B7E04BA196E5D494 Ref B: YTO01EDGE0712 Ref C: 2022-09-19T17:37:14Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpCymM9zkYWNT+IXbyWQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L891V243-1U-3PG3&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 049F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uYZoS2QChT_IinqBP0s6UMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8655959469697021062
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8655959469697021062
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Content-Type
image/gif

Redirect headers

date
Mon, 19 Sep 2022 17:37:14 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8655959469697021062
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pubcid.php
hbx.media.net/ Frame 449C
57 KB
18 KB
Script
General
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.60.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 19 Sep 2022 17:37:14 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 18:07:14 GMT
sync
gum.criteo.com/ Frame 449C
88 B
328 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
fd74784e94c28808ed2fdbf7f9aab5a8d4f435e382f83c440f8e6bf0e0d4c579
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:14 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1317647
strict-transport-security
max-age=31536000; preload;
expires
60
cksync.html
contextual.media.net/ Frame 9214
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3066106341454926000V10%26type%3Drkt%26refUrl%3D%26vid%3D360903466630661063414549260...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3066106341454926000V10&type=rkt&refUrl=&vid=36090346663066106341454926000V10&ovsid=1783777316138921154
219 B
651 B
Document
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3066106341454926000V10&type=rkt&refUrl=&vid=36090346663066106341454926000V10&ovsid=1783777316138921154
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.8.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-8-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 19 Sep 2022 17:37:15 GMT
expires
Mon, 19 Sep 2022 17:37:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 19 Sep 2022 17:37:14 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3066106341454926000V10&type=rkt&refUrl=&vid=36090346663066106341454926000V10&ovsid=1783777316138921154
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 449C
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066106341454926000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=fb5cef0f13d19f6&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D30...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=con&refUrl=&vid=36090346663066106341454926000V10&ovsid=AAAB1mcxzU5hfQMDHjctAAAAAAA&expiration=1663695434&is_secure=true
45 B
460 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=con&refUrl=&vid=36090346663066106341454926000V10&ovsid=AAAB1mcxzU5hfQMDHjctAAAAAAA&expiration=1663695434&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.77.8.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-8-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:37:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:37:15 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=con&refUrl=&vid=36090346663066106341454926000V10&ovsid=AAAB1mcxzU5hfQMDHjctAAAAAAA&expiration=1663695434&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 449C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066106341454926000V10%26type%3Dmma%26refUrl%3D%26vid%3D360903466630661063414549...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=mma&refUrl=&vid=36090346663066106341454926000V10&ovsid=21b96328-a8c6-4500-bdea-f3c8e6e4e659
45 B
465 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=mma&refUrl=&vid=36090346663066106341454926000V10&ovsid=21b96328-a8c6-4500-bdea-f3c8e6e4e659
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.77.8.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-8-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:37:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:37:14 GMT

Redirect headers

Date
Mon, 19 Sep 2022 17:37:14 GMT
Server
MT3 4505 5b23575 master ord-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=mma&refUrl=&vid=36090346663066106341454926000V10&ovsid=21b96328-a8c6-4500-bdea-f3c8e6e4e659
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 17:37:13 GMT
cksync
cs.media.net/ Frame 449C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NjEwNjM0MTQ1NDkyNjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEc_7dWgQ5PCzfEQYGEoNIk&google_cver=1
45 B
610 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEc_7dWgQ5PCzfEQYGEoNIk&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.64.60.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:14 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Mon, 19 Sep 2022 17:37:14 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEc_7dWgQ5PCzfEQYGEoNIk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 449C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066106341454926000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36090346663066106341454...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=dxu&refUrl=&vid=36090346663066106341454926000V10&ovsid=2XVuaw5n1OAkHK5
45 B
452 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=dxu&refUrl=&vid=36090346663066106341454926000V10&ovsid=2XVuaw5n1OAkHK5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.77.8.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-8-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:37:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:37:14 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:14 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0366c913b1f0da251@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3066106341454926000V10&type=dxu&refUrl=&vid=36090346663066106341454926000V10&ovsid=2XVuaw5n1OAkHK5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 449C
43 B
362 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
289075
content-type
image/gif
expires
Mon, 19 Sep 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 449C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://t.pswec.com/bsw_sync?ssp=medianet&bsw_user_id=19664485-99ac-4cb7-83c9-5ab210ec6836
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=medianet&bsw_user_id=19664485-99ac-4cb7-83c9-5ab210ec6836
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=3fbb3089-93aa-4e85-9c3c-73c7fb04dc77&expires=3&user_group=1&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=19664485-99ac-4cb7-83c9-5ab210ec6836&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=19664485-99ac-4cb7-83c9-5ab210ec6836&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.77.8.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-8-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:37:17 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:37:17 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=19664485-99ac-4cb7-83c9-5ab210ec6836&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 17:37:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 449C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066106341454926000V10%26type%3Dzem%26refUrl%3D%26vid%3D36090346663066106341454926...
  • https://stags.bluekai.com/site/23178?id=idGxQnQncMHqsO-5ZnuV&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLJMRDXQULOKFXGGTKIOFZU6LJVLJXHK...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=idGxQnQncMHqsO-5ZnuV&refUrl=&type=zem&vid=36090346663066106341454926000V10&vsid=3066106341454926000V10
45 B
456 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=idGxQnQncMHqsO-5ZnuV&refUrl=&type=zem&vid=36090346663066106341454926000V10&vsid=3066106341454926000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.77.8.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-8-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:37:17 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:37:17 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:17 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=idGxQnQncMHqsO-5ZnuV&refUrl=&type=zem&vid=36090346663066106341454926000V10&vsid=3066106341454926000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame 449C
43 B
229 B
Image
General
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:37:14 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 449C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066106341454926000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=42040130-a175-487a-b818-5a0c5dc976ef&cs=1
45 B
465 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=42040130-a175-487a-b818-5a0c5dc976ef&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.77.8.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-8-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:37:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:37:15 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=42040130-a175-487a-b818-5a0c5dc976ef&cs=1
date
Mon, 19 Sep 2022 17:37:14 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame 449C
42 B
301 B
Image
General
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:37:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 449C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53ce5430-0132-4e50-8142-31f223e51f5c
45 B
621 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53ce5430-0132-4e50-8142-31f223e51f5c
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.64.60.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:14 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Mon, 19 Sep 2022 17:37:14 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=53ce5430-0132-4e50-8142-31f223e51f5c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame 449C
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066106341454926000V10
0
132 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066106341454926000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:14 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=15724800; includeSubDomains
Date
Mon, 19 Sep 2022 17:37:14 GMT
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066106341454926000V10
Cache-Control
max-age=0, no-cache, no-store
Connection
close
Expires
Mon, 19 Sep 2022 17:37:14 GMT
log
c21lg-d.media.net/ Frame 449C
35 B
296 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=VDxThGc9BEFP3g8OCMvFpw_L-VE03p61&cs=15&vsid=3066106341454926000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:14 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 19 Sep 2022 17:37:14 GMT
log
c21lg-d.media.net/ Frame 449C
35 B
296 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=f65540b5-5a91-4002-a1c0-7c3bda3cfc27&cs=15&vsid=3066106341454926000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C157%2C2027%2C159%2C2026%2C117%2C238%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C251%2C175%2C132%2C178%2C3018%2C257%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C184%2C261%2C141%2C188%2C222%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:37:17 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 19 Sep 2022 17:37:17 GMT
VideoBidRequestHandlerServlet
us-wf.taboola.com/
15 KB
9 KB
XHR
General
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1663609034960&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1482&pt=987530730&tz=0&viewable=true&ddast=V7rYkCFgODgj-liuch-gSDgj-liuch-gUAAAAGBscHJLYyzWaG5cStGQwma9FssFsrR57dWjGcGUbDzWS4MWyMQGIr02xmWE7cmsFgshbNBru1cuTZrRXDmWE03EyGG8PGCiTS9BlNB0nDaTYInRfL02QQFV1vi93hNHsOaoGsaXL53TCGptPhc93rdb_fXWG2a_xuv9zl-_wlg8lkL1juNS_L0-_6vEUO08MtsbwcHqNbYXqrLi7LW3P4m85On9H0eQsdHq_L8tb8PU6H2S1yeVyG09NvtwtNb7MdAAAAAB7-____IQAAAAAiAAAAACQAAAAAKAIq_i0ELgAAAAAw_v___zUATDYEokMOhPbbTZeXw-wPAAAAABAAAAAAEgCB9KYSgA_Vk5P__________5gB-swbmf____8bhR6ABx-AByEAAICLofEcN8x2MYQGIgLFIkYAAAAAlTiZtUeTOqGyqPr__--3ArgCAAgYtJoGWsnSHZR4CwMAACAYW6CHxe83O-wav9tl__________9m_2f_aEI2AABpwpMo9mq_gAAAa7-AAABs2kZuAABvAXBBZ4DD0WwwXB1BrEaz2QEAAADc_f___-uBlG-y2C02Lo9n4hxulrvlbLfxOBfL3cK4W-5mG-9J9e-3lVtkyveRSNNnNB0kDafZIHReLE-TQVR0vS12h9PsOagFsqbJ5bffhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCyW4xcm8HErRusLG7RaLBYC0e-3VpjMo5sFovH5bAY1qLXx_SwTCYr02iLggFhe5E8LdKJwuIcLjfOxWQ429icy9VqsRkNdpuVZbJZToy74UQs0Zws0onssm_5JovdYuPyeCbO4Wa5W852G49zsdwtjLvlbrbxV3aLkWszmLh1g5XFLRoNFmvhyLdba0zGkc1i8bgcFsNa9PqYHpbJZGUa7Ruz2WY2WA4mw31jNtvMBsvBZLjv0Bm-q8_Z6NsMax2f5q-eGY41h0HhMli8K9VppS1IDtrsVeR0aWbKos6ofH5HXoPCc_CYftab9izOKYfWY_R7MCpiieAinShMtofd43IrzA6Lw-2wiCVK00U60ctdvs9fMphM9oLlXvOyPP2uz1vkMD3cEsvL4TG6Faa36uKyvDWHv-ns9BlNn7fQ4fG6LG_N3-N0mN0il8dlOD39drvQ9DZbxBLB6SKdiF7G00X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpEMvBbrlb54EMdqvFbrVcgAffUN0f62Ra3HK6g91U_l_li_LM5eLGjx_CZHvYPS63wuywONwOKwM8TEIwb_5MEGu1WtYAAAAC2AAAAAHcunkLRIfi_____-MAAABk5OgBAACO94GuAAAAAAAA-AlwtZwN!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2075175&dpubid=190797&abtst=206725b_vA!206725b_vA!amplean_vD!ecp_vC!eidc_vB!id5mc_vB!inc_all_video_vA!spa2_vA!ul118513-590_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.al.com&en=1&subu=4&panid=07e47c5f4873394acffad829716416d539385cfa799f10d050a687bc7cb26bfa
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e0aaa27690a788bbc94b7c39343385dcbb02e70a18141d3f2905e977d61ea50f

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:17 GMT
content-encoding
gzip
server
nginx
machineid
1161
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.al.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<http://{"userSync">; rel=preconnect,<http://{"adUnit">; rel=preconnect,<https://gklfs-x8k98.ads.tremorhub.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=975&gp=2115.796875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&pl=0&f=0&j=&t=1663609027954&de=596173601160&rx=201346368572&cu=1663609027954&m=7491&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2115.796875&lb=5966&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1014%3A1014%3A6856%3A1077&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5055&cd=129&ah=5055&am=129&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1491967135%3A571348615%3A1731081415%3A138224706452&bo=343101415&bp=387187255&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&dfp=0%2C1&la=387187255&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Bottom&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&tc=0&fs=200157&na=1356152796&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:17 GMT
OpportunityServlet
us-vid-events.taboola.com/
1 B
117 B
Ping
General
Full URL
https://us-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_2_6/infra/cmTagINLINE_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.al.com
date
Mon, 19 Sep 2022 17:37:17 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
SPug
simage4.pubmatic.com/AdServer/ Frame 4D8D
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159879&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:37:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
data
bcp.crwdcntrl.net/6/
172 B
546 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/958/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a90c97446825de8dff1e47f7b4895c260d2ad07e58b8defc820de1bc0cceb1b5

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:17 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.al.com
cache-control
no-cache
x-server
10.40.37.25
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
172
expires
0
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&pl=0&f=0&j=&t=1663609027954&de=551244607233&rx=201346368572&cu=1663609027954&m=7693&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5966&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1014%3A1014%3A6856%3A1077&as=1&ag=5139&an=1072&gi=1&gf=5139&gg=1072&ix=5139&ic=5139&ez=1&ck=1072&kw=972&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5139&bx=1072&ci=1072&jz=972&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5042&cd=972&ah=5042&am=972&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=1485967855%3A558038455%3A1719447535%3A138386336931&bo=343101415&bp=387187255&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&dfp=0%2C1&la=387187255&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200157&na=1472137661&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:17 GMT
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&pl=0&f=0&j=&t=1663609027954&de=551244607233&rx=201346368572&cu=1663609027954&m=7894&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5966&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1014%3A1014%3A6856%3A1077&as=1&ag=5341&an=5139&gi=1&gf=5341&gg=5139&ix=5341&ic=5341&ez=1&ck=1072&kw=972&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5341&bx=5139&ci=1072&jz=972&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5244&cd=5042&ah=5244&am=5042&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=1485967855%3A558038455%3A1719447535%3A138386336931&bo=343101415&bp=387187255&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&dfp=0%2C1&la=387187255&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200157&na=973202353&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:17 GMT
v1
prg.smartadserver.com/prebid/
1 KB
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
652b841d0043695a8b66de230d399068d9738fe8589cbfd7b7929840b219872c

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:16 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.al.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
avjp
taboola-d.openx.net/v/1.0/
106 B
127 B
XHR
General
Full URL
https://taboola-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.al.com&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1663609037362&gdpr_consent=&gdpr=0&us_privacy=1---&schain=1.0%2C1!taboola.com%2C1031841%2C1%2C-1050398623%2C%2C&skippable=true&protocol=6&auid=543963954&vwd=1024&vht=576&vos=101&aumfs=600
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:17 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.al.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
tag
gklfs-x8k98.ads.tremorhub.com/ad/
Redirect Chain
  • https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-9gs2k&playerWidth=300&playerHeight=168&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen60.mp...
  • https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-9gs2k&playerWidth=300&playerHeight=168&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen60.mp...
1 KB
1 KB
XHR
General
Full URL
https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-9gs2k&playerWidth=300&playerHeight=168&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen60.mp4&srcPageUrl=https%3A%2F%2Fwww.al.com&contentLength=NaN&gdpr=0&us_privacy=1---&_tur=T
Protocol
H2
Server
2600:1f18:612b:4232:404:2bd9:b8a8:362 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5e0d40e58c1f28faecf2b517440ad2a395b68ab91b4464781e901e4acbee1356

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:17 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8

Redirect headers

location
https://gklfs-x8k98.ads.tremorhub.com/ad/tag?adCode=gklfs-9gs2k&playerWidth=300&playerHeight=168&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen60.mp4&srcPageUrl=https%3A%2F%2Fwww.al.com&contentLength=NaN&gdpr=0&us_privacy=1---&_tur=T
date
Mon, 19 Sep 2022 17:37:17 GMT
access-control-allow-credentials
true
server
Apache-Coyote/1.1
access-control-allow-origin
https://www.al.com
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
syncnoad
partners.tremorhub.com/
1 KB
915 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=appnexus%2Csimpli.fi%2Cadvangelists%2Cadgear%2C4Info%2CTapAd%2Cmediamath%2C_google_dfp%2Ctremornet%2Cbucksense%2Cdynadmic%2CBidTheatre%2Cmartinai%2Cthetradedesk%2Czypmedia%2Cbrightroll%2CVideology%2Cquantcast%2CPulsepoint%2Cindexexchange%2Cdataxu%2Ccentro%2C_dmp_krux%2Cblis%2C_supply_taboola%2Cmadhive%2Cadform%2Cacuityads%2Cconversant%2C1%2C_dmp_adobe%2C_dmp_turbine%2Cgoogle%2Cdeepintent%2CTubeMogul-GP%2Crocketfuel%2Cexponential%2C_dmp_lotame%2CSundaySky%2Cbeeswax%2CBidswitch%2Cemx%2Cadelphic%2Cadtheorent%2Cbeachfront&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&init=true&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
daa3f79e268a9c4214986fb27dac8f0689dd039afc373752288877cacefe40d2

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:17 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
1 KB
989 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=google%2Cconversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
61687777569deecea667b59e7488070a2f1bd5cb1a11aa62601687778d583885

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:17 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
1 KB
942 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=conversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
54946f23afed8e46f265caabfd139d5e38987bde9b8c324e710b593318dbaf86

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:17 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
1 KB
972 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=TubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
7463a043579676cb0204e1e6de1314b435b48686f5f6a326dd2d43e4cb2a525d

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:17 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=5966&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=5966&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1663609027954&de=955932410032&rx=201346368572&cu=1663609027954&m=9914&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1014%3A1014%3A6856%3A1077&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5065&cd=0&ah=5065&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=al.com%3ASerious%20data%20breach%20at%20Uber%20spotlights%20hacker%20social%20deception%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200157&na=2065863303&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:17 GMT
syncnoad
partners.tremorhub.com/
1 KB
894 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
22475e1fcb8c928b3ed326b99b475b3d22a8c7b84e232417242df299c01fba19

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:17 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
1 KB
934 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=dataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
35bc8e455f9bc1647965208a21fb7caeec8c31151ccc6df92d4abdb136e9b7c5

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:17 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
1 KB
936 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=tremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
1da2d8390e16db76ef0d1e6d613f3c47459a2fabf4ade3dd623aec42787daa09

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
1 KB
893 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=Videology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
92da859f1df9a8b1cc43b48d0b256187a8b35f8d187ad3b46d2bfdf148f20401

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
1 KB
892 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=thetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
74d362fd9abb281b140dbe3d8ac4d5ce9933a81bc9d5e24d528f5b5f898516cb

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
1 KB
890 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=appnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
4ee9d5f7cb721331f59c02f1f9b714c2090b075fdb348ef5b993b9011223f9b9

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
990 B
871 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=centro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
75691cdc2ac6c5ac515c719f99319ce307aeaae3bd331f8663589c3ed7f5b171

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
964 B
848 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=Bidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3bb50a36eafe0d3404d177ff4b51cd47c003e0d3ce541669dbf3bf5df8c5aa06

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
955 B
838 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=SundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
39f2cbd2025a1330513ff61adc64be4cadb3f3f0936b1632f749b56cb079c35d

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
993 B
858 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=dynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
7d2ee626e6607390cfe0c1c474bdb64d367f9d07e274e73936fba5607010136c

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
1007 B
882 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=mediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
36fee44e2675255ed7247cf992e7afde4e790b4742c7e7a77bfa0068217f6bba

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
923 B
830 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=BidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5e25cf458110bd16d868bf00f93956505f5690c83dab21263227c786537a1653

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
947 B
830 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=beeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
d86e53003d066e7dd45f471aa716af0a8651523bcdb68cb5defbd2d6520afb85

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
1 KB
887 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=TapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
581d49b94ca0e7632d76d14c2d18b4019d1dee00f7e6a47e34096428bf8afa07

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
905 B
818 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=adgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
2a3c9ae96399b2e2f3d96cb43c7c7dc22b05ac87d68ccd7ef10d6f775583079b

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
963 B
856 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=Pulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
acffbacdaa7c976f3f37ef9cbec9a603ede3c7430138462d896d97139b724822

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
896 B
799 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=brightroll%2Cbeachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
b9cc609018701c255a92ad28f3da2865279d74672911e9977a9170192be8b1cf

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
847 B
787 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=beachfront%2Cindexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89229a06cfea5bb3d5632f2ab726b52c9953045ad4c69102238e8733ecca1be9

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
915 B
829 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=indexexchange%2Cbucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
f11a313bf27b8a2b0eb16f2959cd18537b9dc447628d35c57573b69b265ee148

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
886 B
791 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=bucksense%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3d9d24d9024f0ab0ccb61f664f6085605c7ca4863b075ee2b0fb8796fd8434ee

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
827 B
773 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=adform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
de64fe530810b475075372db39e911fd7e0adb8905014b76ca0e1d3c810e5f41

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
811 B
769 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=blis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
87e2eb63d422d320c313cf377b0778651d3cd78e48a7ee8f3884d68e0d748487

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
811 B
748 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=madhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
2265d5a11dcbe510854025b66f1fa9e29aeb7af3d541b90c4defcfe34b0fec67

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
844 B
786 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=emx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ef80f41df5a80f9745683bdbbe98f99950f8e8965c77d403d037119d1ddfaf6f

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
895 B
807 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=exponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
815d695a5f1ce9f710014ae868926c5b609976a72172d3d9289a5cd66852eb98

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
850 B
798 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=adelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5ce9c021bc825a7ed8b2db56f77949a2b62eca2934656b5b3c7d5a1eec61298d

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
755 B
731 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=adtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
747cc9b4cefffa930baa95746332a7f71136efa0019929b046e251b1c7b60e08

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
729 B
725 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=simpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9a4b29b7aa04f68294e92cc9d4b4979ccbafb9cfed08864bbb96c265b0195027

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
751 B
744 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=quantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a557acc4d391b00862a27738698252fad19839d030dc5045e99d3541b8212b18

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
821 B
771 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
22f61d24d629d4f25fd701c8f8c653c42853c6118170d66bb99ab29fac3ee1e4

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
751 B
720 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=deepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
75c98b239cc78c81f450b53846fb471d0a271a7b25c12a654b36f1f985c99c44

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
793 B
763 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=advangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d9feaa31c5103d7695be8279a6c7465b88cfc9abcf72fad95b26a6550fe6d17

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
717 B
695 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=martinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5da00e867d1491c4b3138ee8064c39c9248262c94329ab114c5af4b3fc317ff4

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
661 B
683 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=zypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
99f5cf5dc98346e7efeca23004150f5a24a9288b445cc397343ddffdb3ec6afa

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:18 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
699 B
678 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=acuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
54b95b0a83f8bdea6caee9a310e2c30fe45c06cca157f277ea8f01f4cfa45f72

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:19 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
711 B
720 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
7ae5782653c20ab3af12a608d7414ec77fd9f01e92e5acbc2268239b4fe12c4f

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:19 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
680 B
683 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a4fa44eaa38e3d2fde665f2408a41eae3e286dbb15f722aa05f68aec08af4545

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:19 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
642 B
676 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
47bc29cf6dfa7c0bf8eacd4bf2e8c38b59f9cef4bac0e84eb444033271c5058e

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:19 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
643 B
654 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
800dfc098a0ec5caba1af9b9db14c6e0f2ecf9f3019b8125387ad197744e097f

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:19 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
598 B
645 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=_dmp_lotame%2C_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
72c2275bcf103e50e96a588b1d8ad5d8542c2f6375e48a34ab0a59d9284465f4

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:19 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
611 B
659 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=_supply_taboola&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
05b1cdb540f6fa5ee40011a9195e9d80c35e4e4c8a6d5f08d1f23edc114c3980

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:19 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/
118 B
388 B
XHR
General
Full URL
https://partners.tremorhub.com/syncnoad?rid=8c1e394d7e6140e39081115d54bf50dd&p=*&uid=d59b6b2021ae4dcabcf53cc079f6e004&vv=3.0&us_privacy=1---&gdpr=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:b10b:8058:fba8:7368 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e81c248b5ead146b62a1d4da26be147cf9873e714e74e66daa5bd113a0e0d2ba

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:37:19 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.al.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
VideoBidRequestHandlerServlet
us-wf.taboola.com/
12 KB
7 KB
XHR
General
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1663609039972&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1482&pt=987530730&tz=0&viewable=true&ddast=V7rYkCFgODgj-liuch-gSDgj-liuch-gUAAAAGBscHJLYyzWaG5cStGQwma9FssFsrR57dWjGcGUbDzWS4MWyMQGIr02xmWE7cmsFgshbNBru1cuTZrRXDmWE03EyGG8PGCiTS9BlNB0nDaTYInRfL02QQFV1vi93hNHsOaoGsaXL53TCGptPhc93rdb_fXWG2a_xuv9zl-_wlg8lkL1juNS_L0-_6vEUO08MtsbwcHqNbYXqrLi7LW3P4m85On9H0eQsdHq_L8tb8PU6H2S1yeVyG09NvtwtNb7MdAAAAAB7-____IQAAAAAiAAAAACQAAAAAKAIq_i0ELgAAAAAw_v___zUATDYEokMOhPbbTZeXw-wPAAAAABAAAAAAEgCB9KYSgA_Vk5P__________5gB-swbmf____8bhR6ABx-AByEAAICLofEcN8x2MYQGIgLFIkYAAAAAlTiZtUeTOqGyqPr__--3ArgCAAgYtJoGWsnSHZR4CwMAACAYW6CHxe83O-wav9tl__________9m_2f_aEI2AABpwpMo9mq_gAAAa7-AAABs2kZuAABvAXBBZ4DD0WwwXB1BrEaz2QEAAADc_f___-uBlG-y2C02Lo9n4hxulrvlbLfxOBfL3cK4W-5mG-9J9e-3lVtkyveRSNNnNB0kDafZIHReLE-TQVR0vS12h9PsOagFsqbJ5bffhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCyW4xcm8HErRusLG7RaLBYC0e-3VpjMo5sFovH5bAY1qLXx_SwTCYr02iLggFhe5E8LdKJwuIcLjfOxWQ429icy9VqsRkNdpuVZbJZToy74UQs0Zws0onssm_5JovdYuPyeCbO4Wa5W852G49zsdwtjLvlbrbxV3aLkWszmLh1g5XFLRoNFmvhyLdba0zGkc1i8bgcFsNa9PqYHpbJZGUa7Ruz2WY2WA4mw31jNtvMBsvBZLjv0Bm-q8_Z6NsMax2f5q-eGY41h0HhMli8K9VppS1IDtrsVeR0aWbKos6ofH5HXoPCc_CYftab9izOKYfWY_R7MCpiieAinShMtofd43IrzA6Lw-2wiCVK00U60ctdvs9fMphM9oLlXvOyPP2uz1vkMD3cEsvL4TG6Faa36uKyvDWHv-ns9BlNn7fQ4fG6LG_N3-N0mN0il8dlOD39drvQ9DZbxBLB6SKdiF7G00X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpEMvBbrlb54EMdqvFbrVcgAffUN0f62Ra3HK6g91U_l_li_LM5eLGjx_CZHvYPS63wuywONwOKwM8TEIwb_5MEGu1WtYAAAAC2AAAAAHcunkLRIfi_____-MAAABk5OgBAACO94GuAAAAAAAA-AlwtZwN!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2075175&dpubid=190797&abtst=206725b_vA!206725b_vA!amplean_vD!ecp_vC!eidc_vB!id5mc_vB!inc_all_video_vA!spa2_vA!ul118513-590_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.al.com&en=1&subu=4&panid=07e47c5f4873394acffad829716416d539385cfa799f10d050a687bc7cb26bfa
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitInlineDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
418e9983c4735249d94225d3caa49a47b14b4645a4510b59df7944891149e5bc

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:20 GMT
content-encoding
gzip
server
nginx
machineid
1121
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.al.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<http://{"userSync">; rel=preconnect,<http://{"adUnit">; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=975&gp=2115.796875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&pl=0&f=0&j=&t=1663609027954&de=596173601160&rx=201346368572&cu=1663609027954&m=12532&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2115.796875&lb=5966&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1014%3A1014%3A6856%3A1077&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10097&cd=5055&ah=10097&am=5055&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1491967135%3A571348615%3A1731081415%3A138224706452&bo=343101415&bp=387187255&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&dfp=0%2C1&la=387187255&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Bottom&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&tc=0&fs=200157&na=1894264152&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:20 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:20 GMT
OpportunityServlet
us-vid-events.taboola.com/
1 B
117 B
Ping
General
Full URL
https://us-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_2_6/infra/cmTagINLINE_INSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.al.com
date
Mon, 19 Sep 2022 17:37:20 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
v1
prg.smartadserver.com/prebid/
1 KB
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
4f5d97890f5e52a866e2def2c1c92b8442eb08c122ca4218be89cd0fdaa3e172

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:20 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.al.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
avjp
taboola-d.openx.net/v/1.0/
106 B
127 B
XHR
General
Full URL
https://taboola-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.al.com&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1663609040538&gdpr_consent=&gdpr=0&us_privacy=1---&schain=1.0%2C1!taboola.com%2C1031841%2C1%2C-521625309%2C%2C&skippable=true&protocol=6&auid=543963954&vwd=1024&vht=576&vos=101&aumfs=600
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.2/OvaMediaPlayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:37:20 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.al.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
px.moatads.com/
43 B
267 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13478065169671183227&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5t%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-lNpXKgt%2BRfoJWg%3D%3D&sc=1&os=1-Ag%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&id=1&ii=4&pl=0&f=0&j=&t=1663609027954&de=551244607233&rx=201346368572&cu=1663609027954&m=12734&ar=5aeef158bee-clean&iw=f009e8a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5966&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1014%3A1014%3A6856%3A1077&as=1&ag=10180&an=5341&gi=1&gf=10180&gg=5341&ix=10180&ic=10180&ez=1&ck=1072&kw=972&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10180&bx=5341&ci=1072&jz=972&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10084&cd=5244&ah=10084&am=5244&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=1485967855%3A558038455%3A1719447535%3A138386336931&bo=343101415&bp=387187255&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387187255&dfp=0%2C1&la=387187255&zMoatAU=%2F344101295%2FAL%2Fwww.al.com%2Fnews&zMoatProduct=cal&zMoatPS=-&zMoatSlot=RightRail_Top&zMoatPlatform=desktop&zMoatVersion=adv-1.1-c&zMoatATF=true&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200157&na=763131539&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.105.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-105-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:37:20 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:37:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3416866980725250136

Verdicts & Comments Add Verdict or Comment

694 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| admiral object| googletag object| sophi object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| environment object| adiData object| dataLayer object| Fusion object| react object| React object| ReactDOM object| PropTypes object| StyledComponents object| regeneratorRuntime object| OneTrustStub object| webpackChunksnowplow_tracker_javascript_new object| $OPHI_GN function| sophiTag string| sophiGlobalVariable object| Snowplow function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression function| setImmediate function| clearImmediate object| adiTrackPromise object| adiTrack function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| otCcpaOptOut function| dnsfeed object| CDP object| PQ object| apstag object| pbjs boolean| bcDFPCallbackCalled function| bcDFPCallback object| lotame_958 object| burtApi number| rg_insertionMultiple object| AdManager object| _taboola object| Advance object| tp object| google_tag_manager function| postscribe object| google_tag_manager_external function| 4dm1r11545242527 object| idl object| teads_analytics string| bcHostname object| pArray function| adiGetLotameValue object| lotameSegments object| atsScript boolean| isOriginalIDL undefined| revgenDebug string| bcAffiliateProp string| logStyle function| handleProfileProperties function| debouncedHandleProfileProperties function| loadValuesFromBlueConic function| debounce function| storeIDLInfo function| setOriginalIDL function| retry function| retryGetProfileProps function| emitIDLInfo function| retryEmitIDLInfo function| setLiveRampsIDL function| waitForBcPageView function| waitForATS function| waitForAuth0 function| waitForWall function| waitForBC function| pathValue object| IDLExists object| isIDLReportingPending object| isProfileUpdatePending object| atsPromise object| profilePromise object| loginAuth0Promise object| emailWallPromise object| pianoScript number| a object| google_tag_data string| GoogleAnalyticsObject function| ga object| PARSELY object| _comscore function| fbq function| _fbq string| meterContentType object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| scrEm string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| ggeac object| google_js_reporting_queue object| __otccpaooLocation boolean| dv-data-transparency-tag-active function| dv-data-transparency-top-level-monitoring function| lotameIsCompatible function| lt958_ba function| lt958_b undefined| lt958_c undefined| lt958_ca undefined| lt958_da function| lt958_ea object| lt958_e function| lt958_fa function| lt958_ga object| lt958_ object| lt958_Oa object| lt958_7 function| lt958_aa function| lt958_a function| lt958_d function| lt958_f function| lt958_g function| lt958_h function| lt958_i function| lt958_j function| lt958_k function| lt958_ia function| lt958_ha function| lt958_l function| lt958_m function| lt958_ja function| lt958_n function| lt958_o function| lt958_p function| lt958_q function| lt958_r function| lt958_na function| lt958_ka function| lt958_la function| lt958_t function| lt958_ma function| lt958_u function| lt958_v function| lt958_w function| lt958_s function| lt958_x function| lt958_y function| lt958_z function| lt958_A function| lt958_oa function| lt958_B function| lt958_C function| lt958_pa function| lt958_D function| lt958_E function| lt958_F function| lt958_qa function| lt958_H function| lt958_I function| lt958_G function| lt958_ra function| lt958_J function| lt958_K function| lt958_sa function| lt958_ta function| lt958_L function| lt958_ua function| lt958_va function| lt958_wa function| lt958_Aa function| lt958_xa function| lt958_ya function| lt958_za function| lt958_Ba function| lt958_Da function| lt958_Ca function| lt958_M function| lt958_Ea function| lt958_Fa function| lt958_Ga function| lt958_Ha function| lt958_Ia function| lt958_Ja function| lt958_Ka function| lt958_La function| lt958_Ma function| lt958_N function| lt958_O function| lt958_P function| lt958_Q function| lt958_R function| lt958_S function| lt958_T function| lt958_U function| lt958_V function| lt958_W function| lt958_X function| lt958_Y function| lt958_Z function| lt958_Na function| lt958__ function| lt958_0 function| lt958_1 function| lt958_2 function| lt958_Pa function| lt958_4 function| lt958_Qa function| lt958_Sa function| lt958_Ra function| lt958_Ua function| lt958_Ta function| lt958_3 function| lt958_Va function| lt958_Wa function| lt958_Xa function| lt958_Ya function| lt958_Za function| lt958__a function| lt958_5 function| lt958_6 function| lt958_0a function| lt958_1a function| lt958_2a function| lt958_3a function| lt958_4a function| lt958_5a function| lt958_6a function| lt958_7a function| lt958_8a function| lt958_9a function| lt958_8 function| lt958_bb function| lt958_cb function| lt958_ab function| lt958_$a function| lt958_eb function| lt958_db function| lt958_gb function| lt958_fb function| lt958_hb function| lt958_ib function| lt958_jb function| lt958_kb function| lt958_lb function| lt958_mb function| lt958_ob function| lt958_rb function| lt958_qb function| lt958_nb function| lt958_ub function| lt958_pb function| lt958_sb function| lt958_wb function| lt958_vb function| lt958_xb function| lt958_tb function| lt958_yb function| lt958_zb function| lt958_Ab function| lt958_9 function| lt958_Bb function| lt958_Cb function| lt958_Db function| lt958_Eb function| lt958_Fb function| lt958_$ function| lt958_Gb function| lt958_Hb function| lt958_Ib function| lt958_Jb function| lt958_Kb function| lt958_Lb function| lt958_Mb function| lt958_Ob function| lt958_Pb function| lt958_Qb function| lt958_Nb object| TRC object| _tblConsole undefined| msg string| pm_pgtp object| default_gsi object| google object| closure_lm_213364 object| __G_ID_CLIENT__ boolean| apstagLOADED object| pbjsChunk object| _pbjsGlobals object| mnet object| __li__evt_bus object| liQ object| blueConicPreListeners function| BCClass object| blueConicClient undefined| ct undefined| et undefined| hourElapsed undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| gaplugins function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| lotame_sync_16576 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedadvanceddigitalheader640552616592 object| ats object| COMSCORE function| udm_ object| ns_p function| ttd_dom_ready function| TTDUniversalPixelApi object| trx function| md5 function| lintrk function| onYouTubeIframeAPIReady object| gaGlobal undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| isAnExcludedLink object| Sailthru undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl number| taboola_view_id function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| filteredSegments object| filteredAudIndividual object| filteredAudVoter object| filteredAudMidterm2022 object| bc_json1071 string| url string| ptitle object| gaData object| PublisherCommonId object| Optanon object| OneTrust function| sync16576_c function| sync16576_d undefined| sync16576_e undefined| sync16576_f undefined| sync16576_g function| sync16576_h object| sync16576_j function| sync16576_k function| sync16576_l object| sync16576_ object| sync16576_la function| sync16576_a function| sync16576_b function| sync16576_i function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_aa function| sync16576_q function| sync16576_r function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_ba function| sync16576_ca function| sync16576_v function| sync16576_da function| sync16576_w function| sync16576_x function| sync16576_y function| sync16576_ea function| sync16576_z function| sync16576_A function| sync16576_B function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_fa function| sync16576_J function| sync16576_K function| sync16576_ga function| sync16576_ha function| sync16576_L function| sync16576_M function| sync16576_ia function| sync16576_ja function| sync16576_ka function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_Q function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Z function| sync16576_Y function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_4 function| sync16576_5 function| sync16576_ma function| sync16576_3 function| sync16576_7 function| sync16576_6 function| sync16576_na function| sync16576_8 function| sync16576_oa function| sync16576_9 function| sync16576_pa function| sync16576_$ function| sync16576_qa object| ID5 object| _pmk function| TBWidgetFacebook function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| yi object| _pm_mcg object| image function| $ object| _bcp function| BlueConicEngagement function| RuleService object| justDetectAdblock object| bcConnectionUtil object| checkSameSiteNoneSupport function| BlueConicDataLayerUtil object| JSONPath string| _contentURL string| _title object| bcSegmentsArray number| bcchunkSize number| num string| chunkString object| bcGASegment string| bcGASegmentName undefined| dcrSegmentsMI object| bc_json1072 object| placementData string| nam object| cmTag object| PianoESPConfig object| _cm_wfCounters string| lastWfUrl object| ox_esp function| sync16589_c function| sync16589_d undefined| sync16589_e undefined| sync16589_f undefined| sync16589_g function| sync16589_h object| sync16589_j function| sync16589_k function| sync16589_l object| sync16589_ object| sync16589_la function| sync16589_a function| sync16589_b function| sync16589_i function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_aa function| sync16589_q function| sync16589_r function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_ba function| sync16589_ca function| sync16589_v function| sync16589_da function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_ea function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_fa function| sync16589_J function| sync16589_K function| sync16589_ga function| sync16589_ha function| sync16589_L function| sync16589_M function| sync16589_ia function| sync16589_ja function| sync16589_ka function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Z function| sync16589_Y function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_4 function| sync16589_5 function| sync16589_ma function| sync16589_3 function| sync16589_7 function| sync16589_6 function| sync16589_na function| sync16589_8 function| sync16589_oa function| sync16589_9 function| sync16589_pa function| sync16589_$ function| sync16589_qa object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_130 object| Criteo object| Criteo_identitytag_130 function| __esp_getUID2Async object| __uid2 function| webpackHotUpdate function| startCMTagMain string| category string| vpaidId function| OvaMediaPlayer number| BOOMR_onload object| tbopt object| GoogleGcLKhOms object| google_image_requests

259 Cookies

Domain/Path Name / Value
.taboola.com/advance-alabama/ Name: taboola_session_id
Value: v2_e72171cec3b98397967cc9197a87976c_271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44_1663609028_1663609028_CNawjgYQof0-GOf_zLa1MCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGiOuMvY8NrPu1twAQ
www.al.com/news/2022/09 Name: ntvSession
Value: {"id":8332057,"placementID":1095321,"lastInteraction":1663609028878,"sessionStart":1663609028878,"sessionEndDate":1663632000000,"experiment":""}
w698.al.com/DG/DEFAULT Name: BCSessionID
Value: 84b9c698-a20f-402d-8057-95dca1f3cb50
advancelocal.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 84b9c698-a20f-402d-8057-95dca1f3cb50
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQpBM
.al.com/ Name: sophiTagses.a41a
Value: *
.al.com/ Name: _sp_duid
Value: b647e635-824f-4922-aef1-7fb2488fa68e
.al.com/ Name: utag_vnum
Value: 1666201027553&vn=1
.al.com/ Name: utag_invisit
Value: true
.al.com/ Name: lotame_domain_check
Value: al.com
www.al.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.al.com/ Name: _li_dcdm_c
Value: .al.com
.al.com/ Name: _lc2_fpi
Value: 8810293dbf02--01gdbd6f7b1z1pg4zmdesbxzja
.al.com/ Name: pbjs_pubcommonID
Value: 3351a68b-6164-4422-b535-4e7decfd2881
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_domain
Value: .cc.al.com
.crwdcntrl.net/ Name: _cc_id
Value: 9f0f2299617d4ba9f43b8a63b40f400f
.liadm.com/ Name: lidid
Value: 43662092-a9ee-4c81-b28f-6225b309b9cd
www.al.com/ Name: last_visit_bc
Value: 1663609027935
.al.com/ Name: _cc_id
Value: 9f0f2299617d4ba9f43b8a63b40f400f
.al.com/ Name: _cc_cc
Value: ACZ4XmNQsEwzSDMysrQ0MzRPMUlKtEwzMU6ySDQzTjIxSDMxMEhjAIJkjRWHQTQEyD97sEKVcR87w39GRoazd1qUYOzmb63qMPbO251qMPavji1wNeee9bDAxD%2FeQ7DXb5wPN7Pv7W8VmJqmQxf0YezZk26oMy6G2Hvh0Dx2GPvYnmVSMPaTFx91Yeo3%2FSmEMZ8tngO39vLf23D2uaOHmGFqvm%2BcAhffve%2ByAEz8Q8N9OPswkjmr1z%2FlhqvZ1M4KY08%2BAQ%2BFd0sQ1vYihA%2FuRLhgfeM%2BuOlHNiLEz%2F76pwczEQCwg4f9
.al.com/ Name: _cc_aud
Value: ABR4XmNgYGBI1lhxGEhBABMDg6I%2FmKkEIgA5AAKL
.al.com/ Name: panoramaId
Value: 07e47c5f4873394acffad829716416d539385cfa799f10d050a687bc7cb26bfa
.scorecardresearch.com/ Name: UID
Value: 1501c3225137b02430d1d191663609028
.al.com/ Name: _ga_Q2GF9K551G
Value: GS1.1.1663609028.1.0.1663609028.0.0.0
www.al.com/ Name: sailthru_pageviews
Value: 1
.linkedin.com/ Name: li_sugr
Value: bf599527-ec21-493c-9236-8e0f4948ead6
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&57e59b79-2a9f-4e55-8eac-fdc8f123946a"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2790:u=1:x=1:i=1663609028:t=1663695428:v=2:sig=AQEpcbQERpt2XEgK6TW1c75JPaGyCb1G"
.al.com/ Name: utag_dslv_s
Value: Less than 1 day
www.al.com/ Name: _tfpvi
Value: MDY2YmFlYmYtMGQwZi00ZjAyLWFmM2MtZDc3OTA1OWQ5ZGRkIzItNQ%3D%3D
www.al.com/ Name: authsource_origin
Value: false
.al.com/ Name: _pprv
Value: %7B%22consent%22%3A%7B%220%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%221%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%222%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%223%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%224%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%225%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%226%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%227%22%3A%7B%22mode%22%3A%22opt-in%22%7D%7D%7D
.al.com/ Name: _pctx
Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsAcAnAIwBuxArgMwDG%2ByEATgKynMgA0IFAzjIz2wA7Crlxde-AMoAXCDN7YQEIQHshnEDwQyYGYaNwBfIA
.linkedin.com/ Name: UserMatchHistory
Value: AQKY_IGvXPXogQAAAYNW0z_7xfW1m-Gaz4KM1VnwFlGV_xerQp9bPWkyslnfY-_ru-2C6PzIpIQI9g
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJs33vatsZ5EQAAAYNW0z_7zgAZY-vFVhQSnftrGImCX39hgQZJ1aYhupFodL-14YmrHNa5eEDcclc94Z-mkg
.al.com/ Name: _awl
Value: 2.1663609028.0.5-596a4c22244e885d4a27eca2c8b7c574-6763652d75732d6561737431-0
.al.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.al.com/news/2022/09/serious-data-breach-at-uber-spotlights-hacker-social-deception.html%22%2C%22sref%22:%22%22%2C%22sts%22:1663609028802%2C%22slts%22:0}
.postrelease.com/ Name: ver
Value: 1
.al.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=d86173013bffcc9c7fb0939f4e01e50a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1663609028802}
.al.com/ Name: __gpi
Value: UID=0000086520311728:T=1663609028:RT=1663609028:S=ALNI_MbRPqga9S5PJZR5JgSIjm2aidk6rQ
.al.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.al.com/ Name: _ga
Value: GA1.2.1987971981.1663609028
.al.com/ Name: _gid
Value: GA1.2.418718603.1663609029
.al.com/ Name: _gat_UA-16643585-4
Value: 1
www.al.com/ Name: _lr_geo_location
Value: CA
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220919173708502f200a-38f1-4f69-8cdc-f9616e98ae45AQG0VrDs-Dfd0Y9U6u219xr_6Eywx2QG"
www.al.com/ Name: sailthru_content
Value: f4a7c85e01f838bbd48b9b9f9577e080
www.al.com/ Name: sailthru_visitor
Value: df998339-e873-4f5e-bea2-f63ae2e82d42
www.al.com/ Name: _ntv_uid
Value: 15f33823-79a2-4b42-bca2-a220e1a32f1e
.postrelease.com/ Name: visitor
Value: a1c47631-f2e3-488b-a302-ab8beb2bf768
www.al.com/ Name: usprivacy
Value: 1---
www.al.com/ Name: _tb_sess_r
Value:
.amazon-adsystem.com/ Name: ad-id
Value: A1aKj-NGoEiyluH2Ji6R5AU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.al.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Mon+Sep+19+2022+17%3A37%3A09+GMT%2B0000+(GMT)&version=202208.1.0&hosts=&consentId=e681e20f-380a-4032-96a5-18deffb03167&interactionCount=0&landingPath=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html&groups=1912%3A1%2CC0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.al.com/ Name: _fbp
Value: fb.1.1663609029118.1055637007
.rubiconproject.com/ Name: khaos
Value: L891V243-1U-3PG3
www.al.com/ Name: BCSessionID
Value: 84b9c698-a20f-402d-8057-95dca1f3cb50
.postrelease.com/ Name: status
Value: 1
.adform.net/ Name: C
Value: 1
advancelocal.blueconic.net/ Name: AWSALBCORS
Value: Qvc04YOPNNRKGwb2JOItrppjMxOy2WKxLcRzoNHQZRtNcNL/le76McpdaNlwrGG7fAbGEn1S+TkJDYHL9tG8ciQitKTNsUzQCcElxQy61iA7jcM4IJeWBxALInGe
.agkn.com/ Name: ab
Value: 0001%3Agzn5QJuUllE55CnW%2Foid6ECDcyySVnEm
.jivox.com/ Name: jvxsync
Value: thU1WNhwh6DL
.adsrvr.org/ Name: TDID
Value: 53ce5430-0132-4e50-8142-31f223e51f5c
.simpli.fi/ Name: suid
Value: EFC64CBD0BF84FEF9BA13C033C226E52
.facebook.com/ Name: fr
Value: 0EfHxfcXLam35SFKx..BjKKjF...1.0.BjKKjF.
.al.com/ Name: utag_vs
Value: 3
.al.com/ Name: utag_dslv
Value: 1663609029282
.adform.net/ Name: uid
Value: 3416866980725250136
.sharethis.com/ Name: __stid
Value: ZHgACWMoqMUAAAAJDZ0CAw==
.sharethis.com/ Name: __stidv
Value: 2
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7DB2CA13-E8A7-4FDA-984A-416FFC946F59
.krxd.net/ Name: _kuid_
Value: PFraC96M
.thrtle.com/ Name: mc
Value: eyJpZCI6IjEwNjkyMDQyLTBjZTAtNDFkYy04Y2NhLWUyN2UwZGE1ODk4ZiIsImwiOjE2NjM2MDkwMjkzNDMsInQiOjF9
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: ccz30hj1edmtmlqy3kd5cjvv
.ml314.com/ Name: pi
Value: 3630171488819085334
.taboola.com/ Name: t_gid
Value: 271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
.casalemedia.com/ Name: CMID
Value: YyioxYRn5thDcSzcHKUNIQAA
.casalemedia.com/ Name: CMPS
Value: 014
.casalemedia.com/ Name: CMPRO
Value: 014
www.al.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
.adnxs.com/ Name: uuid2
Value: 2310414087477230896
.adsymptotic.com/ Name: U
Value: dfd52e9b1a7f2935095ae159b54bd9f8
.openx.net/ Name: i
Value: 638e73f8-71cb-4678-b1e0-b100e90dfbb5|1663609029
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-58cdf5b5-bd04-449a-6bde-b09e647c1e45.P0muSmgqKx%2B2gRwGYEy3yBMAcjhdJlyDYXIvExuvmbY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AWM31tb0ERJpr3rCeZHweRZU4mbU.T1CASl8q3JPBRznsZNV0KjuIlBQjUufEugyyb%2BzDDgs
.al.com/ Name: flybyfalse
Value: true
.al.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22l891v1u3bved4d1d%22%7D
w698.al.com/ Name: AWSALB
Value: vd4KA2jhiohai/akNe3TyTZ59aclTB5McvzoyZ1/MmoKp2HCSArSP9GkISFcj8C7UQvYkASMb8hzxVESa+68zzU0GIF2vrP0qdzPasgGHCDYubvuJNeWJCZiDMzg
w698.al.com/ Name: AWSALBCORS
Value: vd4KA2jhiohai/akNe3TyTZ59aclTB5McvzoyZ1/MmoKp2HCSArSP9GkISFcj8C7UQvYkASMb8hzxVESa+68zzU0GIF2vrP0qdzPasgGHCDYubvuJNeWJCZiDMzg
.twitter.com/ Name: personalization_id
Value: "v1_JQ+nFXhJg1uuw43ttRwjog=="
.al.com/ Name: __li_idex_cache
Value: %7B%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUlrF6ncHs9-D_saTdLqU2jM_iydBjXyH1LqT5B8riDHMbJcYrXXRP8PFuP-Hek
.al.com/ Name: __gads
Value: ID=cae86cc899356688:T=1663609028:S=ALNI_MYsksUxwN-IrDpJ6So0iNw6_OmKJg
.piano.io/ Name: __cf_bm
Value: SR.OAV0dWdGvJ7aiLZq_dD5KPALW5xafKcb9PxcUPUk-1663609029-0-AeK3bUdJwOzEXrCSLmu909ECiBYsW0yLfsTAGaaHK87WpiE7fIKQmbrFes7IPFROcmTmZpVlcSPo/crv+cO7bIw=
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: jffyzpbfrtehewcxv01hwm4w
.ib.mookie1.com/ Name: ibkukiuno
Value: s=29a3dc4c-4c33-4b26-a0a1-f532d48668aa&h=&v=1259000178&l=-8585379978557305516&op=&hl=0&vlu=3&tcs=1&dcc=-8585379978557305516
.ib.mookie1.com/ Name: ibkukinet
Value: 2503514549=-8585379978557305516
.al.com/ Name: __tbc
Value: %7Bkpex%7Dzl-Pk21mwaBG1PlyX_gDJuvn9f5XSyuHES8y0t4syMLJZGVhgDBD41ZM0wGOD-g9
.al.com/ Name: __pat
Value: -14400000
.al.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-2022-09-19-17-37-08-641-uYMi4dGwsPG34MZW-54d33eeecc92b461543b87c4b98c9c53%22%2C%22domain%22%3A%22.al.com%22%2C%22time%22%3A1663609029875%7D
.al.com/ Name: xbc
Value: %7Bkpex%7DWixqia_1z8SCuf38o6E2kUbqlc0JX6YwO7qozkn4Q5WkShWGScAkGLUkf51Me57zjPOb6eZoJf4N36FcYaEa7AM__9QA8htywTaX2kyoV0PO-B93vi9WNOyrdyXOJRN6xW72qxYDdaRdHuzCglXyRz4wEBynXxMF5Nfae32OhU_FVoSsPVjN0VR1TjVKhXxh_td5nEa3Hp0Yq2oWIk1sGCj3FZ7-Et8VSxCCxy4ThRWOIc4BfdvzsqG1CDZZI1KNjQlYMusF-8gjjmkGhpNK8aNeIYWbvzxcyjF8rxuMgRK12rxboJaVlY6iGFJ2wtok
.rlcdn.com/ Name: pxrc
Value: CMXRopkGEgUI6EcQAA==
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-53ce5430-0132-4e50-8142-31f223e51f5c&KRTB&22918-53ce5430-0132-4e50-8142-31f223e51f5c&KRTB&23031-53ce5430-0132-4e50-8142-31f223e51f5c
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:EFC64CBD0BF84FEF9BA13C033C226E52
.mathtag.com/ Name: uuid
Value: 21b96328-a8c6-4500-bdea-f3c8e6e4e659
.turn.com/ Name: uid
Value: 2840279727660594736
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIYpT-QXtIKgfBu3hX-U26Y&KRTB&16514-CAESEIYpT-QXtIKgfBu3hX-U26Y&KRTB&23025-CAESEIYpT-QXtIKgfBu3hX-U26Y&KRTB&23386-CAESEIYpT-QXtIKgfBu3hX-U26Y
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2840279727660594736&KRTB&23150-2840279727660594736
.pippio.com/ Name: did
Value: cOeX5CBVdIvadX40
.pippio.com/ Name: didts
Value: 1663609030
.pippio.com/ Name: nnls
Value:
.criteo.com/ Name: uid
Value: f03674c7-8eff-49f4-9a78-0f9fbe12a0cd
.openx.net/ Name: pd
Value: v2|1663609030|vMgakWgyiK
.6sc.co/ Name: 6suuid
Value: 57d11cb8cf430000c6a828638f01000088910a00
.pippio.com/ Name: pxrc
Value: CMbRopkGEgQIAhAAEgYI7OsBEAA=
.yahoo.com/ Name: A3
Value: d=AQABBMaoKGMCEMUqczizXWj3SUSo56wDQhMFEgEBAQH6KWMyYwAAAAAA_eMAAA&S=AQAAAorw-4NkfTnkRcUeV5Cdt5c
.linksynergy.com/ Name: rmuid
Value: fac9f2e3-c36d-4789-986e-0c501fbcc449
.linksynergy.com/ Name: icts
Value: 2022-09-19T17:37:10Z
.openx.net/ Name: univ_id
Value: 537072971|53ce5430-0132-4e50-8142-31f223e51f5c|1663609030728261
ads.stickyadstv.com/ Name: UID
Value: a89c953af7787798e8f1a47f17567936
ads.stickyadstv.com/ Name: sessionId
Value: efa27ed05122f71b925ea8afd4845b19
.al.com/ Name: cto_bundle
Value: EKEmJV94M0s3ZXlQbkUyOUZDY2xldDF0TXRLMzhmZ3hTRHRzRUpCVnJwb0VZbnBPVDlDaUl4TCUyRlNqWWF1elBoSUJQMTRYMW1PODlVcDVNc3lweHpMUlJIc2ElMkJhQ0wwTktGSVdSbE1xQ0FwTUxGdGdodnBKSlFDck5HZ0d5NzJSckdjY2UwVGVFMkRyRVppcGxJZ3gyN3k3N1hRJTNEJTNE
.al.com/ Name: sophiTagid.a41a
Value: b647e635-824f-4922-aef1-7fb2488fa68e.1663609027.1.1663609031.1663609027.f4728d14-e936-458b-926d-ae96cb54cf3b
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ads.stickyadstv.com/ Name: updated
Value: 1
.ads.stickyadstv.com/ Name: sessionId
Value: efa27ed05122f71b925ea8afd4845b19
.ads.stickyadstv.com/ Name: UID
Value: a89c953af7787798e8f1a47f17567936
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 353075=5110177
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 8612705671450730832
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=637992058313732263&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
www.al.com/ Name: _lr_sampling_rate
Value: 100
.lijit.com/ Name: ljt_reader
Value: FV-haQZH5uXoyy21TTuHkI5D
.contextweb.com/ Name: V
Value: i797d7dlTjO5
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1g70|5Ql.0.271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4288c4da16e704c3
.lijit.com/ Name: _ljtrtb_42
Value: 271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
.fwmrm.net/ Name: _uid
Value: "e9e0e_7145146381475773380"
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: e9e0e_7145146381475773380
.ads.stickyadstv.com/ Name: MRM_UID
Value: e9e0e_7145146381475773380
ads.stickyadstv.com/ Name: uid-bp-36033
Value: e9e0e_7145146381475773380
ads.stickyadstv.com/ Name: MRM_UID
Value: e9e0e_7145146381475773380
.3lift.com/ Name: tluid
Value: 2149341060709152048717
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESENQj-57RLqCqDR90KS-epXo
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESENQj-57RLqCqDR90KS-epXo
.mfadsrvr.com/ Name: tuuid
Value: 42040130-a175-487a-b818-5a0c5dc976ef
.mfadsrvr.com/ Name: c
Value: 1663609031
.mfadsrvr.com/ Name: tuuid_lu
Value: 1663609031
.bidswitch.net/ Name: c
Value: 1663609031
.bidswitch.net/ Name: tuuid_lu
Value: 1663609031
ads.stickyadstv.com/ Name: uid-bp-892
Value: 53ce5430-0132-4e50-8142-31f223e51f5c
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 53ce5430-0132-4e50-8142-31f223e51f5c
ads.stickyadstv.com/ Name: pxId
Value: 1425
.ads.stickyadstv.com/ Name: pxId
Value: 1425
.bidswitch.net/ Name: tuuid
Value: 19664485-99ac-4cb7-83c9-5ab210ec6836
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-8bBw6JhE2oMEK6OFmjj9nOgvkwy50u8miOK_bOhf~A
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-8bBw6JhE2oMEK6OFmjj9nOgvkwy50u8miOK_bOhf~A
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-19664485-99ac-4cb7-83c9-5ab210ec6836
ads.stickyadstv.com/ Name: uid-bp-951
Value: 2310414087477230896
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 2310414087477230896
.smartadserver.com/ Name: csync
Value: 107:271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: 8fb7ba7cc7c285b565127393b0ed1e9f
sync-dmp.mobtrakk.com/ Name: pid
Value: Y2U3MmJkMTJjNjM2ZTZl
.adx.opera.com/ Name: UID
Value: 75d6e287642a4b4ab75a25b9b2d33168
.ads.stickyadstv.com/ Name: uid-bp-40946
Value: 833f3fee-d83a-406c-bbbf-66bb03a30baf
ads.stickyadstv.com/ Name: uid-bp-40946
Value: 833f3fee-d83a-406c-bbbf-66bb03a30baf
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.go.sonobi.com/ Name: __uis
Value: c74b38b7-d1e4-43aa-8616-b98732a9e0f8
.go.sonobi.com/ Name: HAPLB8S
Value: s85195|Yyipq
.bidr.io/ Name: bito
Value: AAEssk7GUVIAAA8DoQQBHw
.bidr.io/ Name: bitoIsSecure
Value: ok
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAEssk7GUVIAAA8DoQQBHw
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAEssk7GUVIAAA8DoQQBHw
.tapad.com/ Name: TapAd_TS
Value: 1663609032420
.tapad.com/ Name: TapAd_DID
Value: 93d134d0-5ea6-4555-89d7-3af0e4421845
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.w55c.net/ Name: wfivefivec
Value: 2XVuaw5n1OAkHK5
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: 2XVuaw5n1OAkHK5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: 2XVuaw5n1OAkHK5
ads.stickyadstv.com/ Name: uid-bp-617
Value: 3416866980725250136
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 3416866980725250136
.semasio.net/ Name: SEUNCY
Value: 995FF7604E9376A8
.id5-sync.com/ Name: 3pi
Value: 464#1663609031521#786893168#271d530b-70eb-4401-8d77-cd8dfbbceab0-tucta222e44|112#1663609032849#1645458333#995FF7604E9376A8|2#1663609031646#-1561741214#2310414087477230896|434#1663609032282#389454950|3#1663609031790#-2006121015#21b96328-a8c6-4500-bdea-f3c8e6e4e659|264#1663609031920#-2112138673#53ce5430-0132-4e50-8142-31f223e51f5c|108#1663609032546#-1937736471|429#1663609032066#-1941551472#7DB2CA13-E8A7-4FDA-984A-416FFC946F59
.id5-sync.com/ Name: callback
Value:
.demdex.net/ Name: demdex
Value: 91368215140393458251474940540967745155
.dpm.demdex.net/ Name: dpm
Value: 91368215140393458251474940540967745155
www.al.com/ Name: pbjs_li_nonid
Value: %7B%7D
www.al.com/ Name: _lr_retry_request
Value: true
www.al.com/ Name: _lr_env_src_ats
Value: false
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsEwzSDMysrQ0MzRPMUlKtEwzMU6ySDQzTjIxSDMxMEhjAIJkjRWnQDQUAABQdgqy"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI1lhxCkhBAQAYEgH%2B"
.ads.pubmatic.com/ Name: KCCH
Value: YES
.al.com/ Name: panoramaId_expiry
Value: 1664213834195
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 159879:3
.pubmatic.com/ Name: DPSync3
Value: 1663632000%3A174%7C1664755200%3A197_201_219_221_226_228%7C1664150400%3A164
.pubmatic.com/ Name: SyncRTB3
Value: 1664755200%3A71_7_231_55_54_104_13_166_165_220_22_3_21%7C1664150400%3A223_15_2
.id5-sync.com/ Name: id5
Value: 73c991e7-0727-4337-be71-b970d282050e#1663609029633#3
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:21b96328-a8c6-4500-bdea-f3c8e6e4e659&KRTB&16736-uid:21b96328-a8c6-4500-bdea-f3c8e6e4e659&KRTB&23019-uid:21b96328-a8c6-4500-bdea-f3c8e6e4e659&KRTB&23208-uid:21b96328-a8c6-4500-bdea-f3c8e6e4e659
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2310414087477230896&KRTB&23339-2310414087477230896
.fiftyt.com/ Name: fifid
Value: 8d6f9fd4-763b-4f04-7314-61db619047a2
.fiftyt.com/ Name: cs
Value: MTY2MzYwOTAzNHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fHl-_BKmWmficwWRZbJdYc9L3xY-edNa8go7xwF_dmJg
.deepintent.com/ Name: CDIUSER
Value: di_13b1e1fcee524ff2889de
.sitescout.com/ Name: ssi
Value: 4a9a03a5-8298-4e48-ad99-826f2dfe69df#1663609034386
.ipredictive.com/ Name: cu
Value: 61a4c8ac-ec38-474c-a4f1-e44ea2a94d83|1663609034390
.adgrx.com/ Name: ADGRX_UID
Value: b2eb0008-3841-11ed-87e1-92a75f8dcbdf
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY2MzYwOTAzNDQxNn0
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-61a4c8ac-ec38-474c-a4f1-e44ea2a94d83&KRTB&23011-61a4c8ac-ec38-474c-a4f1-e44ea2a94d83&KRTB&23355-61a4c8ac-ec38-474c-a4f1-e44ea2a94d83
.pubmatic.com/ Name: PugT
Value: 1663609034
.pubmatic.com/ Name: SPugT
Value: 1663609033
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-4a9a03a5-8298-4e48-ad99-826f2dfe69df-6328a8ca-4341
.fiftyt.com/ Name: fppm
Value: 20220919173714
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22113%22%3A%2220220919%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-b2eb0008-3841-11ed-87e1-92a75f8dcbdf&KRTB&23275-b2eb0008-3841-11ed-87e1-92a75f8dcbdf
.technoratimedia.com/ Name: tads_uid
Value: 2FBDE4CAC1704158B20A899FBBE3AD72
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220919133714-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAEssk7GUVIAAA8DoQQBHw
.owneriq.net/ Name: si
Value: Q7168954341770100695
.owneriq.net/ Name: p2
Value: cc
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEssk7GUVIAAA8DoQQBHw
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAB1mcxzU5hdgMk6AFJAAAAAAA&KRTB&22713-AAAB1mcxzU5hdgMk6AFJAAAAAAA&KRTB&22715-AAAB1mcxzU5hdgMk6AFJAAAAAAA
.onaudience.com/ Name: cookie
Value: 350f887d26913a07
.onaudience.com/ Name: done_redirects147
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: 102b1551-9a33-48fb-8d43-0e5e1e1a6ed4
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcJ0S1KiYkzjRO1WuCoMxA8a+JUixCbOKdokEu2gZrfHPjB8/nAD5rnHghoaT8YIUEZymPvo8pleP2I8HLg48+aBaRJzlwjF42lIi/0PgMapEQ==
.media.net/ Name: visitor-id
Value: 3066106341454926000V10
.onaudience.com/ Name: done_redirects161
Value: 1
.w55c.net/ Name: matchmedianet
Value: 5
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwisptfM85uNOxAFEhIKA2FhbRILCOqiv-zzm407EAUSEwoEa3J1eBILCMar2enzm407EAUSFgoHYmx1ZWthaRILCKzb4-3zm407EAUSFgoHcnViaWNvbhILCPDY4ffzm407EAUYASABKAIyCwiqh5unipyNOxAFOAFaBzhtMzN6azRgAg..
.dotomi.com/ Name: DotomiTest
Value: fb5cef0f13d19f6
.mfadsrvr.com/ Name: ssh
Value: !medianet,1663609034!taboola,1663609031
.casalemedia.com/ Name: CMTS
Value: 160
.rlcdn.com/ Name: rlas3
Value: oEBvYnIoQJZqqNzewXJAawIuVndHp+4+8KDkWDbi2oc=
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2NDM0trA0MjQ0NRHiM9RNDXRODDEOL0l1NssFABTPsowlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2NDM0trA0MjQ0NRHiM9RNDXRODDEOL0l1NssFABTPsowlAAAA
.zemanta.com/ Name: zuid
Value: idGxQnQncMHqsO-5ZnuV
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2795:18xa~2795"
.media.net/ Name: data-ttd
Value: 53ce5430-0132-4e50-8142-31f223e51f5c~~1
.media.net/ Name: data-g
Value: CAESEEc_7dWgQ5PCzfEQYGEoNIk~~8
.pswec.com/ Name: tuuid
Value: 3fbb3089-93aa-4e85-9c3c-73c7fb04dc77
.pswec.com/ Name: c
Value: 1663609034
.pswec.com/ Name: tuuid_lu
Value: 1663609034

9 Console Messages

Source Level URL
Text
network error URL: https://pub.doubleverify.com/signals/pub.json?ctx=20823471&cmp=DV460143&signals=ids,bsc&url=https%3A%2F%2Fwww.al.com%2Fnews%2F2022%2F09%2Fserious-data-breach-at-uber-spotlights-hacker-social-deception.html
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://sync.jivox.com/tags/sync/usync.php?px=1utAfZ8i
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync.crwdcntrl.net/qmap/c=6569/tp=STKA/tpid=0-58cdf5b5-bd04-449a-6bde-b09e647c1e45$ip$149.56.153.181&gdpr=0/gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()
security error URL: https://06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/16005181246223008224/970x250/SailPoint-HomeDepot-Stat-DigitalAds-V1-970x250.html".
network error URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3416866980725250136
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06a9b679f6d929ef08355b895ceda7f1.safeframe.googlesyndication.com
68794905.akstat.io
a.teads.tv
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
accounts.google.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
adservice.google.ca
adservice.google.com
advancelocal.blueconic.net
ak.sail-horizon.com
ampcid.google.ca
ampcid.google.com
analytics.twitter.com
api.rlcdn.com
api.sail-personalize.com
assoc-na.associates-amazon.com
at.teads.tv
ats.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
c21lg-d.media.net
cdn-magiclinks.trackonomics.net
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.parsely.com
cdn.sophi.io
cdn.stickyadstv.com
cdn.taboola.com
cdn.tinypass.com
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
classimage.advance.net
cm.adgrx.com
cm.g.doubleclick.net
collector2.sophi.io
connect.facebook.net
contextual.media.net
cs.media.net
csync.loopme.me
d1z2jf7jlzjs58.cloudfront.net
dis.criteo.com
dmp.adblade.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e1.emxdgt.com
ead.al.com
eb2.3lift.com
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
eydvgaaamb4gojqacqnqaeyaabrsrkgj-pyypxn-9aab142cf-clienttons-s.akamaihd.net
fastlane.rubiconproject.com
geo.privacymanager.io
geolocation.onetrust.com
gklfs-x8k98.ads.tremorhub.com
global.ib-ibi.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ib.mookie1.com
id.crwdcntrl.net
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images-re.al.com
images.taboola.com
imprnjmp.taboola.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lexicon.33across.com
loada.exelator.com
loadus.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
medianet-match.dotomi.com
micro.rubiconproject.com
ml314.com
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
p.adsymptotic.com
p.rfihub.com
p.skimresources.com
p1.parsely.com
pagead2.googlesyndication.com
partners.tremorhub.com
pippio.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
prg.smartadserver.com
privacy.crwdcntrl.net
prod.uidapi.com
pub.doubleverify.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
px4.ads.linkedin.com
r.skimresources.com
realestate.al.com
report-re.al.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s.skimresources.com
s.uuidksinc.net
s0.2mdn.net
satisfycork.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
spl.zeotap.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.advance.net
static.criteo.net
stats.g.doubleclick.net
su4jtnlipz2kgyzivdeq-pyypxn-f014c1453-clientnsv4-s.akamaihd.net
sync-dmp.mobtrakk.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.jivox.com
sync.mathtag.com
sync.sharethis.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
t.6sc.co
t.adx.opera.com
t.pswec.com
t.skimresources.com
taboola-d.openx.net
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
targeting.perso.aws.arc.pub
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
trx-hub.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-match.taboola.com
us-trc-events.taboola.com
us-u.openx.net
us-vid-events.taboola.com
us-wf.taboola.com
usermatch.krxd.net
vidstat.taboola.com
vidstatb.taboola.com
visitor.fiftyt.com
visitor.omnitagjs.com
vtrk.doubleverify.com
w698.al.com
wf.taboola.com
widget.perfectmarket.com
www.al.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
x.bidswitch.net
z-na.associates-amazon.com
z.moatads.com
ads.stickyadstv.com
104.126.116.163
104.18.102.194
104.18.18.126
104.18.19.126
104.244.42.131
104.36.115.109
104.36.115.111
104.76.100.229
104.76.105.144
104.76.105.242
104.77.8.25
107.178.246.49
107.178.254.65
107.22.152.193
108.138.106.100
108.138.128.46
108.139.29.12
13.107.42.14
13.224.205.31
13.224.214.16
13.224.214.22
13.224.214.35
13.224.214.46
13.224.214.76
13.225.214.57
13.226.16.121
141.148.45.191
141.226.224.32
141.226.224.48
141.94.171.213
141.95.98.71
142.250.176.194
143.204.150.76
151.101.130.49
151.101.193.44
151.101.65.44
151.101.66.133
151.139.128.11
162.19.138.116
18.164.101.60
18.164.131.14
18.189.125.221
18.232.9.126
18.233.202.251
185.167.164.42
185.255.84.152
198.148.27.140
199.187.193.130
199.187.193.192
199.38.167.129
2001:4de0:ac19::1:b:3a
207.198.113.93
209.54.182.161
216.200.232.249
23.192.21.246
23.192.31.127
23.192.61.21
23.200.168.248
23.200.169.61
23.21.59.154
23.221.200.79
23.221.203.12
23.64.60.24
23.64.61.72
23.67.198.169
23.78.168.242
23.78.200.97
23.92.190.68
2600:1400:d:18a::11a6
2600:141b:13::17d7:8228
2600:141b:13::17d7:82d0
2600:141b:13::17d7:82d3
2600:141b:13::17d7:82da
2600:141b:5000:698::11a6
2600:1901:0:802f::1
2600:1901:0:8344::
2600:1f18:4e9:5a01:50cb:1c19:c33a:f836
2600:1f18:612b:4216:b10b:8058:fba8:7368
2600:1f18:612b:4232:404:2bd9:b8a8:362
2600:1f18:730:b130:1296:7358:4f0d:4115
2600:1f18:ed:550a:be9:db47:5744:e7ff
2600:9000:20ed:5600:8:48e:53c0:93a1
2600:9000:21ea:c600:1d:8c8c:47c0:93a1
2602:803:c002:200::52
2606:4700:10::6816:1857
2606:4700:10::ac43:266a
2606:4700:4400::ac40:929e
2606:4700::6810:9540
2606:4700::6810:f015
2606:4700::6811:b8b1
2606:4700::6812:a7e0
2606:4700::6812:d4c
2606:4700::6813:ad6c
2606:ae80:1471:16::760
2607:f8b0:4004:c06::9d
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2001
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::200d
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81c::2006
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81f::2002
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f13a:83:face:b00c:0:25de
3.134.32.50
3.135.132.32
3.224.10.93
31.220.27.155
34.102.146.192
34.107.148.139
34.111.234.236
34.120.135.53
34.120.155.137
34.150.170.96
34.197.122.29
34.199.73.116
34.204.136.32
34.215.0.93
34.239.63.36
34.98.64.218
34.98.67.3
35.170.24.35
35.190.59.101
35.190.60.146
35.190.91.160
35.201.67.47
35.201.96.126
35.207.24.140
35.211.178.172
35.71.130.31
35.71.139.29
38.91.45.7
44.209.207.157
50.16.197.56
50.17.145.253
50.57.31.206
52.205.122.0
52.205.167.202
52.207.19.117
52.223.40.198
52.23.59.39
52.3.43.165
52.36.23.219
52.4.169.124
52.44.243.126
52.45.33.138
52.46.141.85
52.55.204.85
52.95.118.179
54.146.152.111
54.160.175.117
63.251.28.233
64.58.232.180
64.74.236.95
68.67.179.87
69.166.1.12
69.169.86.38
72.251.229.176
74.119.119.139
74.119.119.150
8.28.7.109
8.28.7.81
8.28.7.84
8.43.72.98
82.145.213.8
99.83.154.140
99.84.174.182
99.86.224.95
00fe10e6a9ad1da63026c48c764d0c1a023ccde8ee8986d481240281a808131f
02cb7021a976ee701a220d545ef95f1ae452e58030139cabf338f4ca69dddbc2
034ad469e11c7acec691ec7c86b2a9c5999b37e682d9f3be1901c2068790427d
03d21a4fbb1b86fada54b2dd126c9360a2674f46006d2297a21ca7b62f88fe90
05b1cdb540f6fa5ee40011a9195e9d80c35e4e4c8a6d5f08d1f23edc114c3980
05fe9ef5605db74a3f627817b106f97567854f3f9166e319d161b6cc07faf0b4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07e2931edacbc02c4b8326499da509f79145246fa660c13fd4a77954ec041f4d
0949fd61389cf16da9e70430934ef817fe65b3e53209b9717f8f5f2e68d4a626
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a34dcd7cbaa24d992747e892bcc51988d562ae429a280f8da1503ff9e621c57
0aa2a6b51271bc0c6fdcea8cfefc7a89c09eea960f83bc7c6e5fcd0c7d039052
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8b82997d73d135fd781f346c1c79db1ddd4ce9733ed824d5a9be99fb320b43
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0daa1932b4579f96ff53af6b9f539edea0cdadd9e5f77c89c8156e3721f9d36c
0ec22d938c2af9c2d0d4ef03504550f6edc79e85d1aa28b9cc80b6e26207f5ca
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
124b819299b0df6676239cf3b7b4d1c29db6b27c002085c661ccca42b8284148
135bc8a2a1e8c4e5a48857c398580c20955efffcc1e275dfc5cdc51036fc3eb8
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
193cc04713bb3a1a70c7afb361499494cc3189e5a219afc8455857d3e94e8b3a
196c4c22bfd02bc2a9b5094dd376d8ecfc9939f2f5172a6149e39512770ed517
1b9854034308c6360e1cebb969322af9baf1073dda358a94b73426f157f46fd1
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1ca7d45c26841657f394d905623d5e5c9c7f32aecc66d66ff8401388ffc43097
1cb614c81c491878e5b6256098b31fb4f68b7bbde5e60b21334d085db7e37549
1d328c219447e6bbc9cbaae672e5701419cefe574db31c112f29212710d53272
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1da2d8390e16db76ef0d1e6d613f3c47459a2fabf4ade3dd623aec42787daa09
1f9754ef316415a32f1cf417c4ff21e7382a4f290e9f83c52357bfe1c84aa277
2227c7750083e142d64b01a9b2bfbbc8ca99fd983fd6577dd3880867f09b0d44
22475e1fcb8c928b3ed326b99b475b3d22a8c7b84e232417242df299c01fba19
2265d5a11dcbe510854025b66f1fa9e29aeb7af3d541b90c4defcfe34b0fec67
22664c880644824187eafa7535e895adf3725e30ec96ccba4c06aadba4b17406
22f61d24d629d4f25fd701c8f8c653c42853c6118170d66bb99ab29fac3ee1e4
256b42d63146c599e22aa9f3da750cca15a444db46b7207d49fa58e1d1869a76
25c3fb46576f9c03a7aa53f9e84261623a1a1d7aef5cc0024641d040a89c02ea
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26f773c897089f0888cf419ea5dd6a745992901f361d41d41b395d6606abea4d
2838ada1a2e98ea67fbff5622ae6dbc293c5cae3f50be29febaa03b9a4bd8627
28e32bf626a751627f65093983897c5c069aaf05f339461965aab579378ccdb6
2a3493f0ccfe2c01adca092d40d99c62c80938188044917f7f5e714cb894f76a
2a3c9ae96399b2e2f3d96cb43c7c7dc22b05ac87d68ccd7ef10d6f775583079b
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2dfc4972c0090ea6cf2a636e15e639a090c3937794c677f18394919f93456da4
2e1f894530f6059783d8bf3f0b39c93790a88ad37a72100e6abd91051ed455f5
2f36fa0a282c376f2979a7958b50bf9dec790f9d18ad9071f99401b6abeabb81
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
34d317242bf8d2371b8546c7b9e153c94dab38206fd11344c4bb51aeef412d98
354873c8eaa9c04ce127a061a22c51a0172f7bc380e07660286149fe5b046c30
35bc8e455f9bc1647965208a21fb7caeec8c31151ccc6df92d4abdb136e9b7c5
36fee44e2675255ed7247cf992e7afde4e790b4742c7e7a77bfa0068217f6bba
3726d39b1bcfeb1aa9dd9b3410560a00766b20c6eb74c891aac555cee7e66af1
375e796fa067182ddbda956316c66cf3e5e6621832e1d677d95231ae785f0778
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8
39cfc3b2f18c06d718db59e9e6750408759c1a668e9c30368873761c7c9e7e37
39f2cbd2025a1330513ff61adc64be4cadb3f3f0936b1632f749b56cb079c35d
3bb50a36eafe0d3404d177ff4b51cd47c003e0d3ce541669dbf3bf5df8c5aa06
3d9d24d9024f0ab0ccb61f664f6085605c7ca4863b075ee2b0fb8796fd8434ee
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f473ed581c0220e1999f8a79cc7e2d8c19bfb3cca2ccfa8be5cd5195edf5f90
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe9e212688fbeca5e6bd2059c2d831b67baa36e08309921a20f97f842350bf5
40093933237cb4fb5b077344618f6d2ded4ee7c7346b4da9222a76d094f2d7ca
418e9983c4735249d94225d3caa49a47b14b4645a4510b59df7944891149e5bc
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45169abf0c7bb67cf7708983ec00a7c62c8beddb556112ec1ae79de86c8c9681
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
46a19d23cbdd940140b04292cc3892d5d5553810f7e292858447944a681e1b25
47bc29cf6dfa7c0bf8eacd4bf2e8c38b59f9cef4bac0e84eb444033271c5058e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0bf7980ca0b77aaf26a72acf3dd5f291e714c439e1fee4077d272730c43d79
4ee9d5f7cb721331f59c02f1f9b714c2090b075fdb348ef5b993b9011223f9b9
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
4f5d97890f5e52a866e2def2c1c92b8442eb08c122ca4218be89cd0fdaa3e172
51094775786b07927f377fc8e35a32c9bcb15f6ed4b6be16fd6d3bec9d79bd15
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24
5287fc6acf59b0fddf540e4b3e2221c82e69ef6aa51d14d884f654a3e7d9687a
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54946f23afed8e46f265caabfd139d5e38987bde9b8c324e710b593318dbaf86
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54b95b0a83f8bdea6caee9a310e2c30fe45c06cca157f277ea8f01f4cfa45f72
5525fe0659c283e57d8ca8f0ff56cba585bd7fe8532df9387c0a824ae35dec76
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55de728ef0a10936705cb99408295f6edb6fc3d2b4e7d22e35a34ecd7a07d3b2
56a2e94108ef62eb2a1545eeacb7118f916db6e61fe546849c4952d3a1490ff0
581d49b94ca0e7632d76d14c2d18b4019d1dee00f7e6a47e34096428bf8afa07
5b7993df1ddabf2ffeb1a8954a73896a31ab1b8e87c4eaafe784fda75618abc3
5ce9c021bc825a7ed8b2db56f77949a2b62eca2934656b5b3c7d5a1eec61298d
5da00e867d1491c4b3138ee8064c39c9248262c94329ab114c5af4b3fc317ff4
5e0d40e58c1f28faecf2b517440ad2a395b68ab91b4464781e901e4acbee1356
5e25cf458110bd16d868bf00f93956505f5690c83dab21263227c786537a1653
5e53ec0344a2533c41a45b1a97bbd44c678ff5deb7c18229343035f0ece08081
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60e443739e2296594645dcaf9512b56527f263eab9a675271c36ccb769f33a1a
61687777569deecea667b59e7488070a2f1bd5cb1a11aa62601687778d583885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
64099d5dc2b3db16074ee223048cefc171144ac08bac35abab300c1f6e2a4ca7
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
652b841d0043695a8b66de230d399068d9738fe8589cbfd7b7929840b219872c
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
663a701b87d56613c41984525c4bd7b911c1c7b098fc2ecbc001d35d3479afa8
681ddafe3edfd23d96e3a634e43f268fa209052d70fdc9759003d74fdbb52a34
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c423ccd594e47e18ae63e5aec8126ae4cc5e1d1a7f643a6582d29ef80b335dd
6cd746746764002dec02d76f1d19a10b6a2919cae24db0f1449596f1da33b285
6ce5720faf06c98583a696f894dcb5e130683f197a5e00dc72e43b0b3ee8f828
6dac963ce4b6ea77a29e061f58a5e72b6e16d651dba939be7c3db8761d1fc588
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
6ffc817ea1169b894aeada5ec524e4b1adb60eba7f7264908147dad58dbedfb8
706d476c614ed641b0dbc63cd30078881a7184cf266f7955fb6e338357c474c5
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
72c2275bcf103e50e96a588b1d8ad5d8542c2f6375e48a34ab0a59d9284465f4
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
731e46489c687c89e8e3f7eb26c12c804fbafc8f5e11758a81d6c4e692d1dee5
73312a1a2b5d89ad5acca3c399a6d7be5d7261fb408bcaf168e7b54b5eded8c7
737b3dff4e1d012ac07b675127dccc918db4b2d6a2a437b6aa200308ce1ec62c
7463a043579676cb0204e1e6de1314b435b48686f5f6a326dd2d43e4cb2a525d
7475c05506be64a3776f01a8983debdb2776e64807042516043ca861986cad40
747cc9b4cefffa930baa95746332a7f71136efa0019929b046e251b1c7b60e08
74d0702af21c66c828e3395bf52d1f22071c620c2b13abad6bddc00d9d220304
74d362fd9abb281b140dbe3d8ac4d5ce9933a81bc9d5e24d528f5b5f898516cb
752ad69fc2e90233f11cd5121335c04e2e9c62795c744d4b9e4396b331a05e7e
75691cdc2ac6c5ac515c719f99319ce307aeaae3bd331f8663589c3ed7f5b171
75c98b239cc78c81f450b53846fb471d0a271a7b25c12a654b36f1f985c99c44
786021d91f4c127b5ba8cc1414b7cb56fd18cf8c727661e61f788f4238264b2e
789228062659fc3c5412265a5a836b6c4d79b2ccde24f14952bc7409a267938b
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a5d4634b3216f8d40b8828a5360e03c24fcb65d603eb1b1910e70a49d5264d4
7ae5782653c20ab3af12a608d7414ec77fd9f01e92e5acbc2268239b4fe12c4f
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7d2ee626e6607390cfe0c1c474bdb64d367f9d07e274e73936fba5607010136c
7e4947e4db7071a710fb9937063d28fa24f3bfdf7e354701ce9f0872adadc3a7
7ef23a88a7396ff51bd751ad5b265aad833bf75c8b1e54c7b8b78de88736f82d
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
800dfc098a0ec5caba1af9b9db14c6e0f2ecf9f3019b8125387ad197744e097f
8044f344c7f9461a9de3043e4940aef037f9f060b31c0a17f3cabd46ba572770
804ccd65d9ec917feb0a7f17dcb7ebfb533059124236c050063699afcc75f249
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
815d695a5f1ce9f710014ae868926c5b609976a72172d3d9289a5cd66852eb98
8221dac33fc8965ed44440071e7d9d125212aff071465c782315965af67b1b1f
82859be1e152f2a630f200c7126f9d735d5090ff4db0bdd77b76ac9c0e3e4adf
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ca36b9cc55624cabaf79e9519349236e4516d956d5d593a8801893c1173b40
843d07622f51a846646b3bf4c8868d88a391d8340a8be1c6944c01e0c124f0c8
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
85d5ecf5f86975446a8e3f2c460c2867b0ea67a1aacad4a9946975b2821005e3
86ffff422121296921a28989a93fe4870ddea168c11be08a1c78efbe5c3be07c
87e2eb63d422d320c313cf377b0778651d3cd78e48a7ee8f3884d68e0d748487
89229a06cfea5bb3d5632f2ab726b52c9953045ad4c69102238e8733ecca1be9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b8b45f95f260b5fe20ed13bbc24672747119392efa1b1a2ebf8034a87e24c78
8bce90ce30ffdbfd46d7e312568f2ef45f07eab771f3da3af7e9f7581efbdd66
8fa14a10e5e6a454aa9804fcf48bdf0d2f721ed661fb9dc977d1e61f8b84cbd5
91d7bfa225d7391f46406db4114aa5d213ab5e9619e02e9193964c2d2da384fa
91e8ce36ff6f8b9ecfeaff959610c7f03f9b32dd1517340f7727be4986d2616e
92da859f1df9a8b1cc43b48d0b256187a8b35f8d187ad3b46d2bfdf148f20401
947ef88f9ec54a28e10ed61f4d6d0ec27427533093b6fe877d211a03e4c09544
97d0ebd992c444d0993701cfa2032da7459012b685df3e7af1d0e5370ea3e150
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f5cf5dc98346e7efeca23004150f5a24a9288b445cc397343ddffdb3ec6afa
9a1d7ca4cd54d0ec453368215654d04f57e4a35f90eaaebfdb81a81cc6cdc682
9a4b29b7aa04f68294e92cc9d4b4979ccbafb9cfed08864bbb96c265b0195027
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9d9feaa31c5103d7695be8279a6c7465b88cfc9abcf72fad95b26a6550fe6d17
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9e99f8d7027a12fc0b1e599bed03a6754c12254b1d36b17c15582d58d07bdeea
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a097f145b7b5399d1f8e9c86b6f4a36e43f5553fa77c7b2951504731914535ad
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a22fa88a3ae9ba52af74a0c51ba90da56ddd309908b9c8acfc60292af2705152
a34d4109218b5aedf3710e78d38ae499c674192337a51d3874cd10bb7646e8cd
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a4fa44eaa38e3d2fde665f2408a41eae3e286dbb15f722aa05f68aec08af4545
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a557acc4d391b00862a27738698252fad19839d030dc5045e99d3541b8212b18
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3
a82ed5ce69e65c85c0e27666b8cb4755e06df6c363ae0ba064694e7a81b99b5b
a87ef79face3a1a1e6562ef5e6c1c180aa81d286778b8b64b668bb7562aabb7f
a8adf131d347231221d3dfdbdc1152820684842a436191cc75b81dc2a3faaa00
a90c97446825de8dff1e47f7b4895c260d2ad07e58b8defc820de1bc0cceb1b5
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
a9fad541e10caeebefedf8a2e64eb955f2168545c2368b38e42e79ce1f04025b
ab545c5b8e6ac6f44ff82c36e6f3547eaca5504a0b547fe1cd0c27dfa50f165d
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac866e1c6e6431f27e26293f9fdba77df383e09814008bff6d26f260829692a0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acffbacdaa7c976f3f37ef9cbec9a603ede3c7430138462d896d97139b724822
ad36b8d9d88bd6e50734282950233bba3632c6b547b5b6d895c575b56fbe36bd
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
af7bbc49c4043912d715061be2566be1ab02e08e7480c1cdc88759a58066953d
aff96522b5804bc7f1ed506c574fb9177677acdc47a833e2195cd14bf2f40e81
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
b0766007565870c9a9ce93e31236bc0119fd01fff87ed569848a2a486e931c0c
b0e5f75737069b92366556f368840c2f2778d722ae369acb134fada124d3fd1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b9468203d1a374c57d8f34c2df0229524b0b930bd43ed137a2a9bbbb21c1606e
b9688dec5de3e7b5f21abb3b9c0271f92664db4b056cb6d814dad158e3f1e2d0
b9cc609018701c255a92ad28f3da2865279d74672911e9977a9170192be8b1cf
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bff66521bdbfca73af4a6e0f85f8260bb558db5b948e97ebc53935c73be41636
c1a4f61c9ae69cb46413ae64e28ff1880a5230cb8f6941593f508026ec9cea3b
c1a8855b73e7e03e4f608f57a79ae72a3b6250e9c71eeaa5a6ba0e301a6ac166
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c9293ae39a355ccc052e73da431639f1cbd6fd164eec2a43a04cb0d897c6ae7a
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
c948008e85bad263dc49df013408d09c061b0833fa4f502ed1c743dd5f313044
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb59848b4e6672fb3b94f7ce6ee8c7f6916c0ea6110c79e1384d9a71e8ebbf1d
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0d574f829a4394a6ac2506b2d3f3bdb1cb47541aa8a67ea64f77801e93462c8
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d33a8782a0ffd197f8fe1c40875463abb90c32c1332ee2a5e212f8d3964c6ad7
d42c2f159355038f22dcd8f0974397b82d41a4283b00e3cbb6d9705219f867a2
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d754e05bc2acdfe544b477f31c057921708a43b9868402c1ae574c5c614dc528
d86e53003d066e7dd45f471aa716af0a8651523bcdb68cb5defbd2d6520afb85
d916a11c273edc69e2cc3c965ab77bbb3a38144b7e1c32932d30cb438bf0d494
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
da96cc17a52b5f68b51c6e2d10771db120c1d060d9f482bc40c4073235ec421b
daa3f79e268a9c4214986fb27dac8f0689dd039afc373752288877cacefe40d2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddbe4dc047258f7eca957bdf52f95cec733b9106a0916688606271813646bb62
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de64fe530810b475075372db39e911fd7e0adb8905014b76ca0e1d3c810e5f41
e076e283f278bac3178152acfc06382c3c811bd94c6774686236aee128595038
e0aaa27690a788bbc94b7c39343385dcbb02e70a18141d3f2905e977d61ea50f
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e7261fe5ce66c71ad531ce6da47cd76b7b875cea04c6fe7cfe616b0cad05cd3b
e81c248b5ead146b62a1d4da26be147cf9873e714e74e66daa5bd113a0e0d2ba
e852f50e9d2ce9f2878052a1cb025e9ceabf069ce8af6cbedbac0710f0e3732a
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
e912691f2bc0f133baae0e605409b7725064b2ec67f12bc9f28b855aaf1ae59e
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
e9578cd7f56d410be192f1bd13e06fef70c7d9af1156b6c905d6dfbb1ef98318
ea3a323f874f2fe5e46430fad43e98577725ee1c542ea853d645cd7caef303cb
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec2b20442837efd4e5ce0bbc2f0736e28578f430898b81fc1bef64e715e2950c
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee04d74c2301db0c7e482cddcc9838ddec252a12501334fb58e0aa5505f61c8e
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee488bcb82413b3061d91d4fa92e4249bf6c0b9c96d16df965640550135fae0b
ee4d81e9cfb365c75b7a5c452d7830798b4add10af88b7a59d1f3e695984fbaf
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef45bf257c039658ec85b1e9689b180583397ee6bd2f3f2faa6d29f420bbfd1a
ef80f41df5a80f9745683bdbbe98f99950f8e8965c77d403d037119d1ddfaf6f
efc1feac35e089b632417f7f1c2cfddb46d4b16c234407a9d98ed2d64261f21d
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f0fe48c6d801e92f2a828fd845c6a23669fdf39c8601a073c7dc3892f5eafe5c
f11a313bf27b8a2b0eb16f2959cd18537b9dc447628d35c57573b69b265ee148
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc
f2c042a1cfefc1fbe3ee13eaea8d253a3addeab87acd3836f65d2a14ee118c58
f39c96939fd5296e44f4a6b3731a5822497f9adc95f2fa6b42c0248936b46f9a
f463d6ca8c1f86826a508f483d18c701e7350c5140aaf04d21d8a56b4df0a291
f5ef53326a77aa95d9aa77bf714c1119092ac0ec88c3a1290ae8d89f38eef78f
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f8051f3eb7b146bdfd1156266a2947c7361e2d9546fa39f4c86cc06d869cd877
f8b348b3f402fc76b1e6f3ca3075acedb9999000e22f2d951f2dec43e712f99f
fa38bb1bd6c346951062e5ed2f672b21d3d775a339db5cee184697d7bd291879
faf78b6d0ba1a4313a9c7b724a7e32f6287f443967b5d59ec90db57a8eb701b2
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fbd7ed4f93721d1fd01062540e84d0c3fa8a5297ef5daff964e7ea5f532930ad
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd2ae9b801341b26c5b27cadd30e59ac94229ed59af3acd2d1b9e0ad294ad65f
fd74784e94c28808ed2fdbf7f9aab5a8d4f435e382f83c440f8e6bf0e0d4c579
fea9e92be4b23ac73187ac204d5d12c0b6aca8c11961784692947b408bb869a6
feb2c60c8be9af21b80c85e7cf2866d5868514be92a4da03bf08e0a9b3c3c348
ff048888d2deed4fd6b3bb53479d76447f4c7ba23295c9f9d40b095741f3fc2b